1cc0351915
This allows the update_verifier in a general system image to work across
devices that have different verified boot versions (i.e. not supported /
verified boot 1.0 / verified boot 2.0 / disabled).
Bug: 78283982
Test: Run recovery_component_test on both of marlin and walleye.
Test: Generate an OTA that has this CL. Install this OTA and check the
update_verifier log during the post-reboot verification, on both
of marlin (VB 1.0) and walleye (VB 2.0).
Test: Build and flash walleye image with verified boot disabled. Check
that update_verifier marks the slot as successfully booted.
Change-Id: I828d87d59f911786531f774ffcf9b2ad7c2ca007
94 lines
3.1 KiB
C++
94 lines
3.1 KiB
C++
/*
|
|
* Copyright (C) 2017 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include <string>
|
|
|
|
#include <android-base/file.h>
|
|
#include <android-base/properties.h>
|
|
#include <android-base/strings.h>
|
|
#include <android-base/test_utils.h>
|
|
#include <gtest/gtest.h>
|
|
#include <update_verifier/update_verifier.h>
|
|
|
|
class UpdateVerifierTest : public ::testing::Test {
|
|
protected:
|
|
void SetUp() override {
|
|
std::string verity_mode = android::base::GetProperty("ro.boot.veritymode", "");
|
|
verity_supported = android::base::EqualsIgnoreCase(verity_mode, "enforcing");
|
|
}
|
|
|
|
bool verity_supported;
|
|
};
|
|
|
|
TEST_F(UpdateVerifierTest, verify_image_no_care_map) {
|
|
// Non-existing care_map is allowed.
|
|
ASSERT_TRUE(verify_image("/doesntexist"));
|
|
}
|
|
|
|
TEST_F(UpdateVerifierTest, verify_image_smoke) {
|
|
// This test relies on dm-verity support.
|
|
if (!verity_supported) {
|
|
GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support.";
|
|
return;
|
|
}
|
|
|
|
TemporaryFile temp_file;
|
|
std::string content = "system\n2,0,1";
|
|
ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path));
|
|
ASSERT_TRUE(verify_image(temp_file.path));
|
|
|
|
// Leading and trailing newlines should be accepted.
|
|
ASSERT_TRUE(android::base::WriteStringToFile("\n" + content + "\n\n", temp_file.path));
|
|
ASSERT_TRUE(verify_image(temp_file.path));
|
|
}
|
|
|
|
TEST_F(UpdateVerifierTest, verify_image_wrong_lines) {
|
|
// The care map file can have only 2 / 4 / 6 lines.
|
|
TemporaryFile temp_file;
|
|
ASSERT_FALSE(verify_image(temp_file.path));
|
|
|
|
ASSERT_TRUE(android::base::WriteStringToFile("line1", temp_file.path));
|
|
ASSERT_FALSE(verify_image(temp_file.path));
|
|
|
|
ASSERT_TRUE(android::base::WriteStringToFile("line1\nline2\nline3", temp_file.path));
|
|
ASSERT_FALSE(verify_image(temp_file.path));
|
|
}
|
|
|
|
TEST_F(UpdateVerifierTest, verify_image_malformed_care_map) {
|
|
// This test relies on dm-verity support.
|
|
if (!verity_supported) {
|
|
GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support.";
|
|
return;
|
|
}
|
|
|
|
TemporaryFile temp_file;
|
|
std::string content = "system\n2,1,0";
|
|
ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path));
|
|
ASSERT_FALSE(verify_image(temp_file.path));
|
|
}
|
|
|
|
TEST_F(UpdateVerifierTest, verify_image_legacy_care_map) {
|
|
// This test relies on dm-verity support.
|
|
if (!verity_supported) {
|
|
GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support.";
|
|
return;
|
|
}
|
|
|
|
TemporaryFile temp_file;
|
|
std::string content = "/dev/block/bootdevice/by-name/system\n2,1,0";
|
|
ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path));
|
|
ASSERT_TRUE(verify_image(temp_file.path));
|
|
}
|