From 4d9e62d8a07b233da4d82a42eb30de64cf2b45bd Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Fri, 11 May 2018 10:41:44 -0700 Subject: Add proto3 support for care_map Switching to the protobuf format helps to make the care_map more extensible. As we have such plans in the future, add the support to parse the protobuf message in the update_verifier. Bug: 77867897 Test: unit tests pass, update_verifier successfully verifies a care_map.pb Change-Id: I9fe83cb4dd3cc8d6fd0260f2a47338fe142d3938 --- tests/component/update_verifier_test.cpp | 113 +++++++++++++++++++++++++------ 1 file changed, 94 insertions(+), 19 deletions(-) (limited to 'tests/component/update_verifier_test.cpp') diff --git a/tests/component/update_verifier_test.cpp b/tests/component/update_verifier_test.cpp index f6ef6dcfd..a97071635 100644 --- a/tests/component/update_verifier_test.cpp +++ b/tests/component/update_verifier_test.cpp @@ -14,14 +14,20 @@ * limitations under the License. */ +#include + #include +#include +#include #include #include #include #include +#include #include -#include + +#include "care_map.pb.h" class UpdateVerifierTest : public ::testing::Test { protected: @@ -30,7 +36,30 @@ class UpdateVerifierTest : public ::testing::Test { verity_supported = android::base::EqualsIgnoreCase(verity_mode, "enforcing"); } + // Returns a serialized string of the proto3 message according to the given partition info. + std::string ConstructProto( + std::vector>& partitions) { + UpdateVerifier::CareMap result; + for (const auto& partition : partitions) { + UpdateVerifier::CareMap::PartitionInfo info; + if (partition.find("name") != partition.end()) { + info.set_name(partition.at("name")); + } + if (partition.find("ranges") != partition.end()) { + info.set_ranges(partition.at("ranges")); + } + if (partition.find("fingerprint") != partition.end()) { + info.set_fingerprint(partition.at("fingerprint")); + } + + *result.add_partitions() = info; + } + + return result.SerializeAsString(); + } + bool verity_supported; + TemporaryFile care_map_file; }; TEST_F(UpdateVerifierTest, verify_image_no_care_map) { @@ -45,26 +74,26 @@ TEST_F(UpdateVerifierTest, verify_image_smoke) { return; } - TemporaryFile temp_file; std::string content = "system\n2,0,1"; - ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path)); - ASSERT_TRUE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile(content, care_map_file.path)); + ASSERT_TRUE(verify_image(care_map_file.path)); // Leading and trailing newlines should be accepted. - ASSERT_TRUE(android::base::WriteStringToFile("\n" + content + "\n\n", temp_file.path)); - ASSERT_TRUE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile("\n" + content + "\n\n", care_map_file.path)); + ASSERT_TRUE(verify_image(care_map_file.path)); +} + +TEST_F(UpdateVerifierTest, verify_image_empty_care_map) { + ASSERT_FALSE(verify_image(care_map_file.path)); } TEST_F(UpdateVerifierTest, verify_image_wrong_lines) { // The care map file can have only 2 / 4 / 6 lines. - TemporaryFile temp_file; - ASSERT_FALSE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile("line1", care_map_file.path)); + ASSERT_FALSE(verify_image(care_map_file.path)); - ASSERT_TRUE(android::base::WriteStringToFile("line1", temp_file.path)); - ASSERT_FALSE(verify_image(temp_file.path)); - - ASSERT_TRUE(android::base::WriteStringToFile("line1\nline2\nline3", temp_file.path)); - ASSERT_FALSE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile("line1\nline2\nline3", care_map_file.path)); + ASSERT_FALSE(verify_image(care_map_file.path)); } TEST_F(UpdateVerifierTest, verify_image_malformed_care_map) { @@ -74,10 +103,9 @@ TEST_F(UpdateVerifierTest, verify_image_malformed_care_map) { return; } - TemporaryFile temp_file; std::string content = "system\n2,1,0"; - ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path)); - ASSERT_FALSE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile(content, care_map_file.path)); + ASSERT_FALSE(verify_image(care_map_file.path)); } TEST_F(UpdateVerifierTest, verify_image_legacy_care_map) { @@ -87,8 +115,55 @@ TEST_F(UpdateVerifierTest, verify_image_legacy_care_map) { return; } - TemporaryFile temp_file; std::string content = "/dev/block/bootdevice/by-name/system\n2,1,0"; - ASSERT_TRUE(android::base::WriteStringToFile(content, temp_file.path)); - ASSERT_TRUE(verify_image(temp_file.path)); + ASSERT_TRUE(android::base::WriteStringToFile(content, care_map_file.path)); + ASSERT_TRUE(verify_image(care_map_file.path)); +} + +TEST_F(UpdateVerifierTest, verify_image_protobuf_care_map_smoke) { + // This test relies on dm-verity support. + if (!verity_supported) { + GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support."; + return; + } + + std::vector> partitions = { + { { "name", "system" }, { "ranges", "2,0,1" } }, + }; + + std::string proto = ConstructProto(partitions); + ASSERT_TRUE(android::base::WriteStringToFile(proto, care_map_file.path)); + ASSERT_TRUE(verify_image(care_map_file.path)); +} + +TEST_F(UpdateVerifierTest, verify_image_protobuf_care_map_missing_name) { + // This test relies on dm-verity support. + if (!verity_supported) { + GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support."; + return; + } + + std::vector> partitions = { + { { "ranges", "2,0,1" } }, + }; + + std::string proto = ConstructProto(partitions); + ASSERT_TRUE(android::base::WriteStringToFile(proto, care_map_file.path)); + ASSERT_FALSE(verify_image(care_map_file.path)); +} + +TEST_F(UpdateVerifierTest, verify_image_protobuf_care_map_bad_ranges) { + // This test relies on dm-verity support. + if (!verity_supported) { + GTEST_LOG_(INFO) << "Test skipped on devices without dm-verity support."; + return; + } + + std::vector> partitions = { + { { "name", "system" }, { "ranges", "3,0,1" } }, + }; + + std::string proto = ConstructProto(partitions); + ASSERT_TRUE(android::base::WriteStringToFile(proto, care_map_file.path)); + ASSERT_FALSE(verify_image(care_map_file.path)); } -- cgit v1.2.3