Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 1 | # SPDX-License-Identifier: GPL-2.0+ |
Tom Rini | 10e4779 | 2018-05-06 17:58:06 -0400 | [diff] [blame] | 2 | # Copyright (c) 2016, Google Inc. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 3 | # |
| 4 | # U-Boot Verified Boot Test |
| 5 | |
| 6 | """ |
| 7 | This tests verified boot in the following ways: |
| 8 | |
| 9 | For image verification: |
| 10 | - Create FIT (unsigned) with mkimage |
| 11 | - Check that verification shows that no keys are verified |
| 12 | - Sign image |
| 13 | - Check that verification shows that a key is now verified |
| 14 | |
| 15 | For configuration verification: |
| 16 | - Corrupt signature and check for failure |
| 17 | - Create FIT (with unsigned configuration) with mkimage |
Simon Glass | d5deca0 | 2016-07-31 17:35:04 -0600 | [diff] [blame] | 18 | - Check that image verification works |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 19 | - Sign the FIT and mark the key as 'required' for verification |
| 20 | - Check that image verification works |
| 21 | - Corrupt the signature |
| 22 | - Check that image verification no-longer works |
| 23 | |
| 24 | Tests run with both SHA1 and SHA256 hashing. |
| 25 | """ |
| 26 | |
| 27 | import pytest |
| 28 | import sys |
Teddy Reed | e6a4783 | 2018-06-09 11:38:05 -0400 | [diff] [blame] | 29 | import struct |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 30 | import u_boot_utils as util |
| 31 | |
Michal Simek | 6e035ab | 2016-07-18 08:49:08 +0200 | [diff] [blame] | 32 | @pytest.mark.boardspec('sandbox') |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 33 | @pytest.mark.buildconfigspec('fit_signature') |
Stephen Warren | 2079db3 | 2017-09-18 11:11:49 -0600 | [diff] [blame] | 34 | @pytest.mark.requiredtool('dtc') |
| 35 | @pytest.mark.requiredtool('fdtget') |
| 36 | @pytest.mark.requiredtool('fdtput') |
| 37 | @pytest.mark.requiredtool('openssl') |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 38 | def test_vboot(u_boot_console): |
| 39 | """Test verified boot signing with mkimage and verification with 'bootm'. |
| 40 | |
| 41 | This works using sandbox only as it needs to update the device tree used |
| 42 | by U-Boot to hold public keys from the signing process. |
| 43 | |
| 44 | The SHA1 and SHA256 tests are combined into a single test since the |
| 45 | key-generation process is quite slow and we want to avoid doing it twice. |
| 46 | """ |
| 47 | def dtc(dts): |
Simon Glass | d5deca0 | 2016-07-31 17:35:04 -0600 | [diff] [blame] | 48 | """Run the device tree compiler to compile a .dts file |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 49 | |
| 50 | The output file will be the same as the input file but with a .dtb |
| 51 | extension. |
| 52 | |
| 53 | Args: |
| 54 | dts: Device tree file to compile. |
| 55 | """ |
| 56 | dtb = dts.replace('.dts', '.dtb') |
Simon Glass | ba8116c | 2016-07-31 17:35:05 -0600 | [diff] [blame] | 57 | util.run_and_log(cons, 'dtc %s %s%s -O dtb ' |
| 58 | '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 59 | |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 60 | def run_bootm(sha_algo, test_type, expect_string, boots): |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 61 | """Run a 'bootm' command U-Boot. |
| 62 | |
| 63 | This always starts a fresh U-Boot instance since the device tree may |
| 64 | contain a new public key. |
| 65 | |
| 66 | Args: |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 67 | test_type: A string identifying the test type. |
| 68 | expect_string: A string which is expected in the output. |
| 69 | sha_algo: Either 'sha1' or 'sha256', to select the algorithm to |
| 70 | use. |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 71 | boots: A boolean that is True if Linux should boot and False if |
| 72 | we are expected to not boot |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 73 | """ |
Simon Glass | 37c2ce1 | 2016-07-31 17:35:08 -0600 | [diff] [blame] | 74 | cons.restart_uboot() |
Simon Glass | 2a40d83 | 2016-07-31 17:35:07 -0600 | [diff] [blame] | 75 | with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)): |
| 76 | output = cons.run_command_list( |
Simon Glass | f250d47 | 2018-11-15 18:44:02 -0700 | [diff] [blame] | 77 | ['host load hostfs - 100 %stest.fit' % tmpdir, |
Simon Glass | 2a40d83 | 2016-07-31 17:35:07 -0600 | [diff] [blame] | 78 | 'fdt addr 100', |
| 79 | 'bootm 100']) |
Simon Glass | 2ca7311 | 2016-07-31 17:35:09 -0600 | [diff] [blame] | 80 | assert(expect_string in ''.join(output)) |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 81 | if boots: |
| 82 | assert('sandbox: continuing, as we cannot run' in ''.join(output)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 83 | |
| 84 | def make_fit(its): |
Simon Glass | d5deca0 | 2016-07-31 17:35:04 -0600 | [diff] [blame] | 85 | """Make a new FIT from the .its source file. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 86 | |
| 87 | This runs 'mkimage -f' to create a new FIT. |
| 88 | |
| 89 | Args: |
Simon Glass | d5deca0 | 2016-07-31 17:35:04 -0600 | [diff] [blame] | 90 | its: Filename containing .its source. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 91 | """ |
| 92 | util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f', |
| 93 | '%s%s' % (datadir, its), fit]) |
| 94 | |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 95 | def sign_fit(sha_algo): |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 96 | """Sign the FIT |
| 97 | |
| 98 | Signs the FIT and writes the signature into it. It also writes the |
| 99 | public key into the dtb. |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 100 | |
| 101 | Args: |
| 102 | sha_algo: Either 'sha1' or 'sha256', to select the algorithm to |
| 103 | use. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 104 | """ |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 105 | cons.log.action('%s: Sign images' % sha_algo) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 106 | util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb, |
| 107 | '-r', fit]) |
| 108 | |
Teddy Reed | e6a4783 | 2018-06-09 11:38:05 -0400 | [diff] [blame] | 109 | def replace_fit_totalsize(size): |
| 110 | """Replace FIT header's totalsize with something greater. |
| 111 | |
| 112 | The totalsize must be less than or equal to FIT_SIGNATURE_MAX_SIZE. |
| 113 | If the size is greater, the signature verification should return false. |
| 114 | |
| 115 | Args: |
| 116 | size: The new totalsize of the header |
| 117 | |
| 118 | Returns: |
| 119 | prev_size: The previous totalsize read from the header |
| 120 | """ |
| 121 | total_size = 0 |
| 122 | with open(fit, 'r+b') as handle: |
| 123 | handle.seek(4) |
| 124 | total_size = handle.read(4) |
| 125 | handle.seek(4) |
| 126 | handle.write(struct.pack(">I", size)) |
| 127 | return struct.unpack(">I", total_size)[0] |
| 128 | |
Philippe Reynes | afdbcdb | 2018-11-14 13:51:04 +0100 | [diff] [blame] | 129 | def test_with_algo(sha_algo, padding): |
Simon Glass | d5deca0 | 2016-07-31 17:35:04 -0600 | [diff] [blame] | 130 | """Test verified boot with the given hash algorithm. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 131 | |
| 132 | This is the main part of the test code. The same procedure is followed |
| 133 | for both hashing algorithms. |
| 134 | |
| 135 | Args: |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 136 | sha_algo: Either 'sha1' or 'sha256', to select the algorithm to |
| 137 | use. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 138 | """ |
Simon Glass | dc3ab7e | 2016-07-31 17:35:02 -0600 | [diff] [blame] | 139 | # Compile our device tree files for kernel and U-Boot. These are |
| 140 | # regenerated here since mkimage will modify them (by adding a |
| 141 | # public key) below. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 142 | dtc('sandbox-kernel.dts') |
| 143 | dtc('sandbox-u-boot.dts') |
| 144 | |
| 145 | # Build the FIT, but don't sign anything yet |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 146 | cons.log.action('%s: Test FIT with signed images' % sha_algo) |
Philippe Reynes | afdbcdb | 2018-11-14 13:51:04 +0100 | [diff] [blame] | 147 | make_fit('sign-images-%s%s.its' % (sha_algo , padding)) |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 148 | run_bootm(sha_algo, 'unsigned images', 'dev-', True) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 149 | |
| 150 | # Sign images with our dev keys |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 151 | sign_fit(sha_algo) |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 152 | run_bootm(sha_algo, 'signed images', 'dev+', True) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 153 | |
| 154 | # Create a fresh .dtb without the public keys |
| 155 | dtc('sandbox-u-boot.dts') |
| 156 | |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 157 | cons.log.action('%s: Test FIT with signed configuration' % sha_algo) |
Philippe Reynes | afdbcdb | 2018-11-14 13:51:04 +0100 | [diff] [blame] | 158 | make_fit('sign-configs-%s%s.its' % (sha_algo , padding)) |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 159 | run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 160 | |
| 161 | # Sign images with our dev keys |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 162 | sign_fit(sha_algo) |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 163 | run_bootm(sha_algo, 'signed config', 'dev+', True) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 164 | |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 165 | cons.log.action('%s: Check signed config on the host' % sha_algo) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 166 | |
| 167 | util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir, |
| 168 | '-k', dtb]) |
| 169 | |
Teddy Reed | e6a4783 | 2018-06-09 11:38:05 -0400 | [diff] [blame] | 170 | # Replace header bytes |
| 171 | bcfg = u_boot_console.config.buildconfig |
| 172 | max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0) |
| 173 | existing_size = replace_fit_totalsize(max_size + 1) |
| 174 | run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False) |
| 175 | cons.log.action('%s: Check overflowed FIT header totalsize' % sha_algo) |
| 176 | |
| 177 | # Replace with existing header bytes |
| 178 | replace_fit_totalsize(existing_size) |
| 179 | run_bootm(sha_algo, 'signed config', 'dev+', True) |
| 180 | cons.log.action('%s: Check default FIT header totalsize' % sha_algo) |
| 181 | |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 182 | # Increment the first byte of the signature, which should cause failure |
Simon Glass | ba8116c | 2016-07-31 17:35:05 -0600 | [diff] [blame] | 183 | sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' % |
| 184 | (fit, sig_node)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 185 | byte_list = sig.split() |
| 186 | byte = int(byte_list[0], 16) |
Simon Glass | dc3ab7e | 2016-07-31 17:35:02 -0600 | [diff] [blame] | 187 | byte_list[0] = '%x' % (byte + 1) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 188 | sig = ' '.join(byte_list) |
Simon Glass | ba8116c | 2016-07-31 17:35:05 -0600 | [diff] [blame] | 189 | util.run_and_log(cons, 'fdtput -t bx %s %s value %s' % |
| 190 | (fit, sig_node, sig)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 191 | |
Tom Rini | b65ce46 | 2016-09-18 09:46:58 -0400 | [diff] [blame] | 192 | run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 193 | |
Simon Glass | f223c73 | 2016-07-31 17:35:06 -0600 | [diff] [blame] | 194 | cons.log.action('%s: Check bad config on the host' % sha_algo) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 195 | util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit, |
| 196 | '-k', dtb], 1, 'Failed to verify required signature') |
| 197 | |
| 198 | cons = u_boot_console |
| 199 | tmpdir = cons.config.result_dir + '/' |
| 200 | tmp = tmpdir + 'vboot.tmp' |
Stephen Warren | 7047d95 | 2016-07-18 10:07:25 -0600 | [diff] [blame] | 201 | datadir = cons.config.source_dir + '/test/py/tests/vboot/' |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 202 | fit = '%stest.fit' % tmpdir |
| 203 | mkimage = cons.config.build_dir + '/tools/mkimage' |
| 204 | fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign' |
| 205 | dtc_args = '-I dts -O dtb -i %s' % tmpdir |
| 206 | dtb = '%ssandbox-u-boot.dtb' % tmpdir |
Philippe Reynes | a28e922 | 2018-11-14 13:51:05 +0100 | [diff] [blame] | 207 | sig_node = '/configurations/conf-1/signature' |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 208 | |
| 209 | # Create an RSA key pair |
| 210 | public_exponent = 65537 |
Simon Glass | ba8116c | 2016-07-31 17:35:05 -0600 | [diff] [blame] | 211 | util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key ' |
| 212 | '-pkeyopt rsa_keygen_bits:2048 ' |
Paul Burton | 2662c82 | 2017-09-14 14:34:50 -0700 | [diff] [blame] | 213 | '-pkeyopt rsa_keygen_pubexp:%d' % |
| 214 | (tmpdir, public_exponent)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 215 | |
| 216 | # Create a certificate containing the public key |
Simon Glass | ba8116c | 2016-07-31 17:35:05 -0600 | [diff] [blame] | 217 | util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out ' |
| 218 | '%sdev.crt' % (tmpdir, tmpdir)) |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 219 | |
| 220 | # Create a number kernel image with zeroes |
| 221 | with open('%stest-kernel.bin' % tmpdir, 'w') as fd: |
| 222 | fd.write(5000 * chr(0)) |
| 223 | |
| 224 | try: |
| 225 | # We need to use our own device tree file. Remember to restore it |
| 226 | # afterwards. |
| 227 | old_dtb = cons.config.dtb |
| 228 | cons.config.dtb = dtb |
Philippe Reynes | afdbcdb | 2018-11-14 13:51:04 +0100 | [diff] [blame] | 229 | test_with_algo('sha1','') |
| 230 | test_with_algo('sha1','-pss') |
| 231 | test_with_algo('sha256','') |
| 232 | test_with_algo('sha256','-pss') |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 233 | finally: |
Simon Glass | 37c2ce1 | 2016-07-31 17:35:08 -0600 | [diff] [blame] | 234 | # Go back to the original U-Boot with the correct dtb. |
Simon Glass | d977ecd | 2016-07-03 09:40:46 -0600 | [diff] [blame] | 235 | cons.config.dtb = old_dtb |
Simon Glass | 37c2ce1 | 2016-07-31 17:35:08 -0600 | [diff] [blame] | 236 | cons.restart_uboot() |