1# Copyright (c) 2018, Linaro Limited
2#
3# SPDX-License-Identifier:  GPL-2.0+
4#
5# Android Verified Boot 2.0 Test
6
7"""
8This tests Android Verified Boot 2.0 support in U-boot:
9
10For additional details about how to build proper vbmeta partition
11check doc/android/avb2.rst
12
13For configuration verification:
14- Corrupt boot partition and check for failure
15- Corrupt vbmeta partition and check for failure
16"""
17
18import pytest
19import u_boot_utils as util
20
21# defauld mmc id
22mmc_dev = 1
23temp_addr = 0x90000000
24temp_addr2 = 0x90002000
25
26@pytest.mark.buildconfigspec('cmd_avb')
27@pytest.mark.buildconfigspec('cmd_mmc')
28def test_avb_verify(u_boot_console):
29    """Run AVB 2.0 boot verification chain with avb subset of commands
30    """
31
32    success_str = "Verification passed successfully"
33
34    response = u_boot_console.run_command('avb init %s' %str(mmc_dev))
35    assert response == ''
36    response = u_boot_console.run_command('avb verify')
37    assert response.find(success_str)
38
39
40@pytest.mark.buildconfigspec('cmd_avb')
41@pytest.mark.buildconfigspec('cmd_mmc')
42@pytest.mark.notbuildconfigspec('sandbox')
43def test_avb_mmc_uuid(u_boot_console):
44    """Check if 'avb get_uuid' works, compare results with
45    'part list mmc 1' output
46    """
47
48    response = u_boot_console.run_command('avb init %s' % str(mmc_dev))
49    assert response == ''
50
51    response = u_boot_console.run_command('mmc rescan; mmc dev %s' %
52                                          str(mmc_dev))
53    assert response.find('is current device')
54
55    part_lines = u_boot_console.run_command('mmc part').splitlines()
56    part_list = {}
57    cur_partname = ''
58
59    for line in part_lines:
60        if '"' in line:
61            start_pt = line.find('"')
62            end_pt = line.find('"', start_pt + 1)
63            cur_partname = line[start_pt + 1: end_pt]
64
65        if 'guid:' in line:
66            guid_to_check = line.split('guid:\t')
67            part_list[cur_partname] = guid_to_check[1]
68
69    # lets check all guids with avb get_guid
70    for part, guid in part_list.items():
71        avb_guid_resp = u_boot_console.run_command('avb get_uuid %s' % part)
72        assert guid == avb_guid_resp.split('UUID: ')[1]
73
74
75@pytest.mark.buildconfigspec('cmd_avb')
76def test_avb_read_rb(u_boot_console):
77    """Test reading rollback indexes
78    """
79
80    response = u_boot_console.run_command('avb init %s' % str(mmc_dev))
81    assert response == ''
82
83    response = u_boot_console.run_command('avb read_rb 1')
84    assert response == 'Rollback index: 0'
85
86
87@pytest.mark.buildconfigspec('cmd_avb')
88def test_avb_is_unlocked(u_boot_console):
89    """Test if device is in the unlocked state
90    """
91
92    response = u_boot_console.run_command('avb init %s' % str(mmc_dev))
93    assert response == ''
94
95    response = u_boot_console.run_command('avb is_unlocked')
96    assert response == 'Unlocked = 1'
97
98
99@pytest.mark.buildconfigspec('cmd_avb')
100@pytest.mark.buildconfigspec('cmd_mmc')
101@pytest.mark.notbuildconfigspec('sandbox')
102def test_avb_mmc_read(u_boot_console):
103    """Test mmc read operation
104    """
105
106    response = u_boot_console.run_command('mmc rescan; mmc dev %s 0' %
107                                          str(mmc_dev))
108    assert response.find('is current device')
109
110    response = u_boot_console.run_command('mmc read 0x%x 0x100 0x1' % temp_addr)
111    assert response.find('read: OK')
112
113    response = u_boot_console.run_command('avb init %s' % str(mmc_dev))
114    assert response == ''
115
116    response = u_boot_console.run_command('avb read_part xloader 0 100 0x%x' %
117                                           temp_addr2)
118    assert response.find('Read 512 bytes')
119
120    # Now lets compare two buffers
121    response = u_boot_console.run_command('cmp 0x%x 0x%x 40' %
122                                          (temp_addr, temp_addr2))
123    assert response.find('64 word')
124
125
126@pytest.mark.buildconfigspec('cmd_avb')
127@pytest.mark.buildconfigspec('optee_ta_avb')
128def test_avb_persistent_values(u_boot_console):
129    """Test reading/writing persistent storage to avb
130    """
131
132    response = u_boot_console.run_command('avb init %s' % str(mmc_dev))
133    assert response == ''
134
135    response = u_boot_console.run_command('avb write_pvalue test value_value')
136    assert response == 'Wrote 12 bytes'
137
138    response = u_boot_console.run_command('avb read_pvalue test 12')
139    assert response == 'Read 12 bytes, value = value_value'
140