OpenCellular/tests/load_kernel_tests.sh

#!/bin/bash

# Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# End-to-end test for vboot2 kernel verification

# Load common constants and variables.
. "$(dirname "$0")/common.sh"

set -e

echo 'Creating test kernel'

# Run tests in a dedicated directory for easy cleanup or debugging.
DIR="${TEST_DIR}/load_kernel_test_dir"
[ -d "$DIR" ] || mkdir -p "$DIR"
echo "Testing kernel verification in $DIR"
cd "$DIR"

# Dummy kernel data
echo "hi there" > "dummy_config.txt"
dd if=/dev/urandom bs=16384 count=1 of="dummy_bootloader.bin"
dd if=/dev/urandom bs=32768 count=1 of="dummy_kernel.bin"

# Pack kernel data key using original vboot utilities.
${FUTILITY} vbutil_key --pack datakey.test \
    --key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4

# Keyblock with kernel data key is signed by kernel subkey
# Flags=5 means dev=0 rec=0
${FUTILITY} vbutil_keyblock --pack keyblock.test \
    --datapubkey datakey.test \
    --flags 5 \
    --signprivate ${SCRIPT_DIR}/devkeys/kernel_subkey.vbprivk

# Kernel preamble is signed with the kernel data key
${FUTILITY} vbutil_kernel \
    --pack "kernel.test" \
    --keyblock "keyblock.test" \
    --signprivate ${TESTKEY_DIR}/key_rsa2048.sha256.vbprivk \
    --version 1 \
    --arch arm \
    --vmlinuz "dummy_kernel.bin" \
    --bootloader "dummy_bootloader.bin" \
    --config "dummy_config.txt"

echo 'Verifying test kernel'

# Verify the kernel
${FUTILITY} vbutil_kernel \
    --verify "kernel.test" \
    --signpubkey ${SCRIPT_DIR}/devkeys/kernel_subkey.vbpubk

happy 'Kernel verification succeeded'

# Now create a dummy disk image
echo 'Creating test disk image'
dd if=/dev/zero of=disk.test bs=1024 count=1024
cgpt create disk.test
cgpt add -i 1 -S 1 -P 1 -b 64 -s 960 -t kernel -l kernelA disk.test
cgpt show disk.test

# And insert the kernel into it
dd if=kernel.test of=disk.test bs=512 seek=64 conv=notrunc

# And verify it using futility
echo 'Verifying test disk image'
${FUTILITY} verify_kernel disk.test \
    ${SCRIPT_DIR}/devkeys/kernel_subkey.vbpubk

happy 'Image verification succeeded'