diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-08-27 13:34:35 -0700 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-08-29 21:56:23 +0000 |
commit | b8ff397674fb98c1d7eea864e7fa571369675131 (patch) | |
tree | c714f793ff718d85d8cdb1d23a0537c0b0fab39e /tests/load_kernel_tests.sh | |
parent | 88458d9b5281aca162821a369707781ac9abb44e (diff) | |
download | vboot-b8ff397674fb98c1d7eea864e7fa571369675131.tar.gz |
vboot: Add system-level test for LoadKernel()
This creates a disk image and verifies a kernel can be loaded from it.
It is roughly analogous to vb2_firmware_tests.sh, but at the kernel
step instead of the firmware step.
This will get more interesting in the near future, with the upcoming
addition of a streaming API to read the kernel.
BUG=chromium:408265
BRANCH=none
TEST=make runtests
Change-Id: Icc9e6d0e318c4bd38fc9ab1ad704da99232822e1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/214508
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'tests/load_kernel_tests.sh')
-rwxr-xr-x | tests/load_kernel_tests.sh | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/tests/load_kernel_tests.sh b/tests/load_kernel_tests.sh new file mode 100755 index 00000000..74e91e40 --- /dev/null +++ b/tests/load_kernel_tests.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# Copyright (c) 2014 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. +# +# End-to-end test for vboot2 kernel verification + +# Load common constants and variables. +. "$(dirname "$0")/common.sh" + +set -e + +echo 'Creating test kernel' + +# Run tests in a dedicated directory for easy cleanup or debugging. +DIR="${TEST_DIR}/load_kernel_test_dir" +[ -d "$DIR" ] || mkdir -p "$DIR" +echo "Testing kernel verification in $DIR" +cd "$DIR" + +# Dummy kernel data +echo "hi there" > "dummy_config.txt" +dd if=/dev/urandom bs=16384 count=1 of="dummy_bootloader.bin" +dd if=/dev/urandom bs=32768 count=1 of="dummy_kernel.bin" + +# Pack kernel data key using original vboot utilities. +${BIN_DIR}/vbutil_key --pack datakey.test \ + --key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4 + +# Keyblock with kernel data key is signed by kernel subkey +# Flags=5 means dev=0 rec=0 +${BIN_DIR}/vbutil_keyblock --pack keyblock.test \ + --datapubkey datakey.test \ + --flags 5 \ + --signprivate ${SCRIPT_DIR}/devkeys/kernel_subkey.vbprivk + +# Kernel preamble is signed with the kernel data key +${BIN_DIR}/futility vbutil_kernel \ + --pack "kernel.test" \ + --keyblock "keyblock.test" \ + --signprivate ${TESTKEY_DIR}/key_rsa2048.sha256.vbprivk \ + --version 1 \ + --arch arm \ + --vmlinuz "dummy_kernel.bin" \ + --bootloader "dummy_bootloader.bin" \ + --config "dummy_config.txt" + +echo 'Verifying test kernel using vbutil_kernel' + +# Verify the kernel +${BIN_DIR}/futility vbutil_kernel \ + --verify "kernel.test" \ + --signpubkey ${SCRIPT_DIR}/devkeys/kernel_subkey.vbpubk + +happy 'Kernel verification succeeded' + +# Now create a dummy disk image +echo 'Creating test disk image' +dd if=/dev/zero of=disk.test bs=1024 count=1024 +cgpt create disk.test +cgpt add -i 1 -S 1 -P 1 -b 64 -s 960 -t kernel -l kernelA disk.test +cgpt show disk.test + +# And insert the kernel into it +dd if=kernel.test of=disk.test bs=512 seek=64 conv=notrunc + +# And verify it using futility +echo 'Verifying test disk image' +${BIN_DIR}/futility verify_kernel disk.test \ + ${SCRIPT_DIR}/devkeys/kernel_subkey.vbpubk + +happy 'Image verification succeeded' |