From 9905ce8f6ad08810b0bd60f55981d9734e13e845 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tomhughes@chromium.org>
Date: Mon, 11 May 2020 15:19:14 -0700
Subject: test: Add rollback entropy on-device unit test

This unit test validates the behavior of adding entropy to rollback.

BRANCH=none
BUG=b:151105339
TEST=make BOARD=bloonchipper test-rollback_entropy -j &&
     ./util/flash_jlink.py --board bloonchipper
     --image ./build/bloonchipper/rollback_entropy/rollback_entropy.bin

     Dragonclaw console:
     > reboot ro
     > runtest

Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I0532104d483e3a8c16c2c3b9fd7fef8554eaadad
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2197620
---
 board/hatch_fp/build.mk        |   1 +
 board/nocturne_fp/build.mk     |   1 +
 board/nucleo-f412zg/build.mk   |   1 +
 board/nucleo-h743zi/build.mk   |   1 +
 test/build.mk                  |   1 +
 test/rollback_entropy.c        | 193 +++++++++++++++++++++++++++++++++++++++++
 test/rollback_entropy.tasklist |   9 ++
 7 files changed, 207 insertions(+)
 create mode 100644 test/rollback_entropy.c
 create mode 100644 test/rollback_entropy.tasklist

diff --git a/board/hatch_fp/build.mk b/board/hatch_fp/build.mk
index a7d717fc7d..85e695acdf 100644
--- a/board/hatch_fp/build.mk
+++ b/board/hatch_fp/build.mk
@@ -18,6 +18,7 @@ test-list-y=\
        mutex \
        pingpong \
        rollback \
+       rollback_entropy \
        rtc \
        sha256 \
        sha256_unrolled \
diff --git a/board/nocturne_fp/build.mk b/board/nocturne_fp/build.mk
index 9c053ec31b..534ec3d0cc 100644
--- a/board/nocturne_fp/build.mk
+++ b/board/nocturne_fp/build.mk
@@ -19,6 +19,7 @@ test-list-y=\
        mutex \
        pingpong \
        rollback \
+       rollback_entropy \
        rtc \
        sha256 \
        sha256_unrolled \
diff --git a/board/nucleo-f412zg/build.mk b/board/nucleo-f412zg/build.mk
index 923acd1b23..93e54451b6 100644
--- a/board/nucleo-f412zg/build.mk
+++ b/board/nucleo-f412zg/build.mk
@@ -16,6 +16,7 @@ test-list-y=\
        mutex \
        pingpong \
        rollback \
+       rollback_entropy \
        rtc \
        sha256 \
        sha256_unrolled \
diff --git a/board/nucleo-h743zi/build.mk b/board/nucleo-h743zi/build.mk
index c3d098e811..81343a38cd 100644
--- a/board/nucleo-h743zi/build.mk
+++ b/board/nucleo-h743zi/build.mk
@@ -16,6 +16,7 @@ test-list-y=\
        mutex \
        pingpong \
        rollback \
+       rollback_entropy \
        rtc \
        sha256 \
        sha256_unrolled \
diff --git a/test/build.mk b/test/build.mk
index 58094802cd..b6e267b458 100644
--- a/test/build.mk
+++ b/test/build.mk
@@ -158,6 +158,7 @@ powerdemo-y=powerdemo.o
 printf-y=printf.o
 queue-y=queue.o
 rollback-y=rollback.o
+rollback_entropy-y=rollback_entropy.o
 rsa-y=rsa.o
 rsa3-y=rsa.o
 rtc-y=rtc.o
diff --git a/test/rollback_entropy.c b/test/rollback_entropy.c
new file mode 100644
index 0000000000..6c1435ec95
--- /dev/null
+++ b/test/rollback_entropy.c
@@ -0,0 +1,193 @@
+/* Copyright 2020 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include "rollback.h"
+#include "rollback_private.h"
+#include "string.h"
+#include "system.h"
+#include "test_util.h"
+
+static const uint32_t VALID_ROLLBACK_COOKIE = 0x0b112233;
+static const uint32_t UNINITIALIZED_ROLLBACK_COOKIE = 0xffffffff;
+
+static const uint8_t FAKE_ENTROPY[] = {
+	0xff, 0xff, 0xff, 0xff
+};
+
+/*
+ * Generated by concatenating 32-bytes (256-bits) of zeros with the 4 bytes
+ * of FAKE_ENTROPY and computing SHA256 sum:
+ *
+ * echo -n -e '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'\
+ * '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'\
+ * '\xFF\xFF\xFF\xFF'  | sha256sum
+ *
+ * 890ed82cf09f22243bdc4252e4d79c8a9810c1391f455dce37a7b732eb0a0e4f
+ */
+#define EXPECTED_SECRET \
+	0x89, 0x0e, 0xd8, 0x2c, 0xf0, 0x9f, 0x22, 0x24, 0x3b, 0xdc, 0x42, \
+	0x52, 0xe4, 0xd7, 0x9c, 0x8a, 0x98, 0x10, 0xc1, 0x39, 0x1f, 0x45, \
+	0x5d, 0xce, 0x37, 0xa7, 0xb7, 0x32, 0xeb, 0x0a, 0x0e, 0x4f
+static const uint8_t _EXPECTED_SECRET[] = {
+	EXPECTED_SECRET
+};
+BUILD_ASSERT(sizeof(_EXPECTED_SECRET) == CONFIG_ROLLBACK_SECRET_SIZE);
+
+/*
+ * Generated by concatenating 32-bytes (256-bits) of EXPECTED_SECRET with the 4
+ * bytes of FAKE_ENTROPY and computing SHA256 sum:
+ *
+ * echo -n -e '\x89\x0e\xd8\x2c\xf0\x9f\x22\x24\x3b\xdc\x42\x52\xe4\xd7\x9c'\
+ * '\x8a\x98\x10\xc1\x39\x1f\x45\x5d\xce\x37\xa7\xb7\x32\xeb\x0a\x0e\x4f\xFF'\
+ * '\FF\xFF' | sha256sum
+ *
+ * b5d2c08b1f9109ac5c67de15486f0ac267ef9501bd9f646f4ea80085cb08284c
+ */
+#define EXPECTED_SECRET2 \
+	0xb5, 0xd2, 0xc0, 0x8b, 0x1f, 0x91, 0x09, 0xac, 0x5c, 0x67, 0xde, \
+	0x15, 0x48, 0x6f, 0x0a, 0xc2, 0x67, 0xef, 0x95, 0x01, 0xbd, 0x9f, \
+	0x64, 0x6f, 0x4e, 0xa8, 0x00, 0x85, 0xcb, 0x08, 0x28, 0x4c
+static const uint8_t _EXPECTED_SECRET2[] = {
+	EXPECTED_SECRET2
+};
+BUILD_ASSERT(sizeof(_EXPECTED_SECRET2) == CONFIG_ROLLBACK_SECRET_SIZE);
+
+#define EXPECTED_UNINITIALIZED_ROLLBACK_SECRET \
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, \
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, \
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, \
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+static const uint8_t _EXPECTED_UNINITIALIZED_ROLLBACK_SECRET[] = {
+	EXPECTED_UNINITIALIZED_ROLLBACK_SECRET
+};
+BUILD_ASSERT(sizeof(_EXPECTED_UNINITIALIZED_ROLLBACK_SECRET) ==
+	     CONFIG_ROLLBACK_SECRET_SIZE);
+
+test_static void print_rollback(const struct rollback_data *rb_data)
+{
+	int i;
+
+	ccprintf("rollback secret: 0x");
+	for (i = 0; i < sizeof(rb_data->secret); i++)
+		ccprintf("%02x", rb_data->secret[i]);
+	ccprintf("\n");
+
+	ccprintf("rollback id: %d\n", rb_data->id);
+	ccprintf("rollback cookie: %0x\n", rb_data->cookie);
+	ccprintf("rollback_min_version: %d\n", rb_data->rollback_min_version);
+}
+
+test_static int check_equal(const struct rollback_data *actual,
+			    const struct rollback_data *expected)
+{
+	int rv = memcmp(actual->secret, expected->secret,
+			sizeof(*actual->secret));
+	TEST_EQ(rv, 0, "%d");
+	TEST_EQ(actual->rollback_min_version, expected->rollback_min_version,
+		"%d");
+	TEST_EQ(actual->id, expected->id, "%d");
+	TEST_EQ(actual->cookie, expected->cookie, "%d");
+	return EC_SUCCESS;
+}
+
+test_static int test_add_entropy(void)
+{
+	int rv;
+	struct rollback_data rb_data;
+
+	const struct rollback_data expected_empty = {
+		.id = 0,
+		.rollback_min_version = 0,
+		.secret = { 0 },
+		.cookie = VALID_ROLLBACK_COOKIE
+	};
+
+	const struct rollback_data expected_uninitialized = {
+		.id = -1,
+		.rollback_min_version = -1,
+		.secret = { EXPECTED_UNINITIALIZED_ROLLBACK_SECRET },
+		.cookie = UNINITIALIZED_ROLLBACK_COOKIE
+	};
+
+	const struct rollback_data expected_secret = {
+		.id = 1,
+		.rollback_min_version = 0,
+		.secret = { EXPECTED_SECRET },
+		.cookie = VALID_ROLLBACK_COOKIE
+	};
+
+	const struct rollback_data expected_secret2 = {
+		.id = 2,
+		.rollback_min_version = 0,
+		.secret = { EXPECTED_SECRET2 },
+		.cookie = VALID_ROLLBACK_COOKIE
+	};
+
+	if (system_get_image_copy() != EC_IMAGE_RO) {
+		ccprintf("This test is only works when running RO\n");
+		return EC_ERROR_UNKNOWN;
+	}
+
+	/*
+	 * After flashing both rollback regions will be uninitialized (all
+	 * 0xFF). During the boot process, we expect region 0 to be initialized
+	 * by the call to rollback_get_minimum_version().
+	 */
+	rv = read_rollback(0, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_empty), EC_SUCCESS, "%d");
+
+	/* Immediately after boot region 1 should not yet be initialized. */
+	rv = read_rollback(1, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_uninitialized), EC_SUCCESS, "%d");
+
+	/*
+	 * Add entropy. The result should end up being written to the unused
+	 * region (region 1).
+	 */
+	if (IS_ENABLED(SECTION_IS_RO)) {
+		rv = rollback_add_entropy(FAKE_ENTROPY, sizeof(FAKE_ENTROPY));
+		TEST_EQ(rv, EC_SUCCESS, "%d");
+	}
+
+	/* Validate that region 1 has been updated correctly. */
+	rv = read_rollback(1, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_secret), EC_SUCCESS, "%d");
+
+	/* Validate that region 0 has not changed. */
+	rv = read_rollback(0, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_empty), EC_SUCCESS, "%d");
+
+	/*
+	 * Add more entropy. The result should now end up being written to
+	 * region 0.
+	 */
+	if (IS_ENABLED(SECTION_IS_RO)) {
+		rv = rollback_add_entropy(FAKE_ENTROPY, sizeof(FAKE_ENTROPY));
+		TEST_EQ(rv, EC_SUCCESS, "%d");
+	}
+
+	/* Check region 0. */
+	rv = read_rollback(0, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_secret2), EC_SUCCESS, "%d");
+
+	/* Check region 1 has not changed. */
+	rv = read_rollback(1, &rb_data);
+	TEST_EQ(rv, EC_SUCCESS, "%d");
+	TEST_EQ(check_equal(&rb_data, &expected_secret), EC_SUCCESS, "%d");
+
+	return rv;
+}
+
+void run_test(void)
+{
+	ccprintf("Running rollback_entropy test\n");
+	RUN_TEST(test_add_entropy);
+	test_print_result();
+}
diff --git a/test/rollback_entropy.tasklist b/test/rollback_entropy.tasklist
new file mode 100644
index 0000000000..51734f058d
--- /dev/null
+++ b/test/rollback_entropy.tasklist
@@ -0,0 +1,9 @@
+/* Copyright 2020 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/**
+ * See CONFIG_TASK_LIST in config.h for details.
+ */
+#define CONFIG_TEST_TASK_LIST  /* no tasks */
-- 
cgit v1.2.1