1*7ba4dab5SXin Li //
2*7ba4dab5SXin Li // Copyright (C) 2016 The Android Open Source Project
3*7ba4dab5SXin Li //
4*7ba4dab5SXin Li // Licensed under the Apache License, Version 2.0 (the "License");
5*7ba4dab5SXin Li // you may not use this file except in compliance with the License.
6*7ba4dab5SXin Li // You may obtain a copy of the License at
7*7ba4dab5SXin Li //
8*7ba4dab5SXin Li // http://www.apache.org/licenses/LICENSE-2.0
9*7ba4dab5SXin Li //
10*7ba4dab5SXin Li // Unless required by applicable law or agreed to in writing, software
11*7ba4dab5SXin Li // distributed under the License is distributed on an "AS IS" BASIS,
12*7ba4dab5SXin Li // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13*7ba4dab5SXin Li // See the License for the specific language governing permissions and
14*7ba4dab5SXin Li // limitations under the License.
15*7ba4dab5SXin Li //
16*7ba4dab5SXin Li
17*7ba4dab5SXin Li #include <algorithm>
18*7ba4dab5SXin Li #include <string>
19*7ba4dab5SXin Li #include <vector>
20*7ba4dab5SXin Li
21*7ba4dab5SXin Li #include <android-base/logging.h>
22*7ba4dab5SXin Li #include <android-base/macros.h>
23*7ba4dab5SXin Li #include <gtest/gtest.h>
24*7ba4dab5SXin Li #include <hardware/nvram.h>
25*7ba4dab5SXin Li #include <openssl/sha.h>
26*7ba4dab5SXin Li
27*7ba4dab5SXin Li #include "nvram/hal/tests/scoped_nvram_device.h"
28*7ba4dab5SXin Li
29*7ba4dab5SXin Li namespace {
30*7ba4dab5SXin Li
31*7ba4dab5SXin Li constexpr uint32_t kTestIndex1 = 0xDEAD0001;
32*7ba4dab5SXin Li constexpr uint32_t kTestIndex2 = 0xDEAD0002;
33*7ba4dab5SXin Li constexpr uint32_t kTestIndexNeverExists = 0xDEAD0003;
34*7ba4dab5SXin Li // Once we run a test that locks writing, that space is burned until reboot.
35*7ba4dab5SXin Li // This value is the base index from which to dynamically burn spaces.
36*7ba4dab5SXin Li constexpr uint32_t kTestIndexBurnBase = 0xDEAD0010;
37*7ba4dab5SXin Li constexpr uint32_t kTestIndexBurnMax = 0xDEAD00FF;
38*7ba4dab5SXin Li constexpr nvram_control_t kDefaultControls[] = {NV_CONTROL_BOOT_WRITE_LOCK,
39*7ba4dab5SXin Li NV_CONTROL_BOOT_READ_LOCK};
40*7ba4dab5SXin Li constexpr char kNoAuth[] = "";
41*7ba4dab5SXin Li // If using authorization with an index returned by GetNextBurnSpace use this
42*7ba4dab5SXin Li // as the value so the space can be cleaned up later.
43*7ba4dab5SXin Li constexpr char kBurnSpaceAuth[] = "hal_test_burn";
44*7ba4dab5SXin Li
45*7ba4dab5SXin Li // Returns true if |target| contains |value|.
46*7ba4dab5SXin Li template <typename T>
Contains(T value,const std::vector<T> & target)47*7ba4dab5SXin Li bool Contains(T value, const std::vector<T>& target) {
48*7ba4dab5SXin Li return (std::find(target.begin(), target.end(), value) != target.end());
49*7ba4dab5SXin Li }
50*7ba4dab5SXin Li
51*7ba4dab5SXin Li // Returns true if |target| contains all of |values|.
52*7ba4dab5SXin Li template <typename T>
ContainsAll(const std::vector<T> & values,const std::vector<T> & target)53*7ba4dab5SXin Li bool ContainsAll(const std::vector<T>& values,
54*7ba4dab5SXin Li const std::vector<T>& target) {
55*7ba4dab5SXin Li return std::all_of(values.begin(), values.end(),
56*7ba4dab5SXin Li [target](T value) { return Contains(value, target); });
57*7ba4dab5SXin Li }
58*7ba4dab5SXin Li
59*7ba4dab5SXin Li // Adds a few safety checks so tests don't get hardware into a state where it
60*7ba4dab5SXin Li // needs factory reset.
61*7ba4dab5SXin Li class SafeScopedNvramDevice : public nvram::ScopedNvramDevice {
62*7ba4dab5SXin Li public:
CreateSpace(uint32_t index,uint64_t size_in_bytes,const std::vector<nvram_control_t> & control_list,const std::string & authorization_value)63*7ba4dab5SXin Li nvram_result_t CreateSpace(uint32_t index,
64*7ba4dab5SXin Li uint64_t size_in_bytes,
65*7ba4dab5SXin Li const std::vector<nvram_control_t>& control_list,
66*7ba4dab5SXin Li const std::string& authorization_value) override {
67*7ba4dab5SXin Li CHECK(!Contains(NV_CONTROL_PERSISTENT_WRITE_LOCK, control_list))
68*7ba4dab5SXin Li << "Do not use NV_CONTROL_PERSISTENT_WRITE_LOCK in tests.";
69*7ba4dab5SXin Li CHECK(!Contains(NV_CONTROL_BOOT_WRITE_LOCK, control_list) ||
70*7ba4dab5SXin Li !Contains(NV_CONTROL_WRITE_AUTHORIZATION, control_list) ||
71*7ba4dab5SXin Li authorization_value == kNoAuth ||
72*7ba4dab5SXin Li authorization_value == kBurnSpaceAuth)
73*7ba4dab5SXin Li << "Do not lock spaces with unknown authorization values.";
74*7ba4dab5SXin Li return nvram::ScopedNvramDevice::CreateSpace(
75*7ba4dab5SXin Li index, size_in_bytes, control_list, authorization_value);
76*7ba4dab5SXin Li }
77*7ba4dab5SXin Li
DisableCreate()78*7ba4dab5SXin Li nvram_result_t DisableCreate() override {
79*7ba4dab5SXin Li LOG(FATAL) << "Do not use DisableCreate in tests.";
80*7ba4dab5SXin Li return NV_RESULT_OPERATION_DISABLED;
81*7ba4dab5SXin Li }
82*7ba4dab5SXin Li };
83*7ba4dab5SXin Li
84*7ba4dab5SXin Li class ScopedNvramSpace {
85*7ba4dab5SXin Li public:
ScopedNvramSpace(SafeScopedNvramDevice * device,uint32_t index,uint32_t size)86*7ba4dab5SXin Li ScopedNvramSpace(SafeScopedNvramDevice* device, uint32_t index, uint32_t size)
87*7ba4dab5SXin Li : ScopedNvramSpace(device,
88*7ba4dab5SXin Li index,
89*7ba4dab5SXin Li size,
90*7ba4dab5SXin Li std::vector<nvram_control_t>(
91*7ba4dab5SXin Li &kDefaultControls[0],
92*7ba4dab5SXin Li &kDefaultControls[arraysize(kDefaultControls)]),
93*7ba4dab5SXin Li kNoAuth) {}
94*7ba4dab5SXin Li
ScopedNvramSpace(SafeScopedNvramDevice * device,uint32_t index,uint32_t size,const std::vector<nvram_control_t> & control_list)95*7ba4dab5SXin Li ScopedNvramSpace(SafeScopedNvramDevice* device,
96*7ba4dab5SXin Li uint32_t index,
97*7ba4dab5SXin Li uint32_t size,
98*7ba4dab5SXin Li const std::vector<nvram_control_t>& control_list)
99*7ba4dab5SXin Li : ScopedNvramSpace(device,
100*7ba4dab5SXin Li index,
101*7ba4dab5SXin Li size,
102*7ba4dab5SXin Li control_list,
103*7ba4dab5SXin Li kNoAuth) {}
104*7ba4dab5SXin Li
ScopedNvramSpace(SafeScopedNvramDevice * device,uint32_t index,uint32_t size,const std::vector<nvram_control_t> & control_list,const std::string & authorization_value)105*7ba4dab5SXin Li ScopedNvramSpace(SafeScopedNvramDevice* device,
106*7ba4dab5SXin Li uint32_t index,
107*7ba4dab5SXin Li uint32_t size,
108*7ba4dab5SXin Li const std::vector<nvram_control_t>& control_list,
109*7ba4dab5SXin Li const std::string& authorization_value)
110*7ba4dab5SXin Li : device_(device),
111*7ba4dab5SXin Li index_(index),
112*7ba4dab5SXin Li authorization_value_(authorization_value) {
113*7ba4dab5SXin Li Create(size, control_list);
114*7ba4dab5SXin Li }
115*7ba4dab5SXin Li
~ScopedNvramSpace()116*7ba4dab5SXin Li ~ScopedNvramSpace() { Delete(); }
117*7ba4dab5SXin Li
118*7ba4dab5SXin Li private:
Create(uint32_t size,const std::vector<nvram_control_t> & control_list)119*7ba4dab5SXin Li void Create(uint32_t size,
120*7ba4dab5SXin Li const std::vector<nvram_control_t>& control_list) {
121*7ba4dab5SXin Li ASSERT_EQ(
122*7ba4dab5SXin Li NV_RESULT_SUCCESS,
123*7ba4dab5SXin Li device_->CreateSpace(index_, size, control_list, authorization_value_));
124*7ba4dab5SXin Li }
125*7ba4dab5SXin Li
Delete()126*7ba4dab5SXin Li void Delete() {
127*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
128*7ba4dab5SXin Li device_->DeleteSpace(index_, authorization_value_));
129*7ba4dab5SXin Li }
130*7ba4dab5SXin Li
131*7ba4dab5SXin Li SafeScopedNvramDevice* device_;
132*7ba4dab5SXin Li uint32_t index_;
133*7ba4dab5SXin Li std::string authorization_value_;
134*7ba4dab5SXin Li };
135*7ba4dab5SXin Li
136*7ba4dab5SXin Li // Remove all unlocked burn spaces. Returns false on failure.
CleanBurnSpaces(SafeScopedNvramDevice * device)137*7ba4dab5SXin Li bool CleanBurnSpaces(SafeScopedNvramDevice* device) {
138*7ba4dab5SXin Li // Burned spaces will only be available for cleanup after reboot so there's no
139*7ba4dab5SXin Li // sense in attempting cleanup more than once.
140*7ba4dab5SXin Li static bool cleaned = false;
141*7ba4dab5SXin Li if (cleaned) {
142*7ba4dab5SXin Li return true;
143*7ba4dab5SXin Li }
144*7ba4dab5SXin Li bool success = true;
145*7ba4dab5SXin Li cleaned = true;
146*7ba4dab5SXin Li std::vector<uint32_t> space_index_list;
147*7ba4dab5SXin Li if (device->GetSpaceList(&space_index_list) != NV_RESULT_SUCCESS) {
148*7ba4dab5SXin Li return false;
149*7ba4dab5SXin Li }
150*7ba4dab5SXin Li for (uint32_t index : space_index_list) {
151*7ba4dab5SXin Li if (index >= kTestIndexBurnBase && index <= kTestIndexBurnMax) {
152*7ba4dab5SXin Li int write_lock, read_lock;
153*7ba4dab5SXin Li if (device->IsSpaceLocked(index, &write_lock, &read_lock) !=
154*7ba4dab5SXin Li NV_RESULT_SUCCESS) {
155*7ba4dab5SXin Li success = false;
156*7ba4dab5SXin Li continue;
157*7ba4dab5SXin Li }
158*7ba4dab5SXin Li if (!write_lock) {
159*7ba4dab5SXin Li nvram_result_t result = device->DeleteSpace(index, kNoAuth);
160*7ba4dab5SXin Li if (result == NV_RESULT_ACCESS_DENIED) {
161*7ba4dab5SXin Li result = device->DeleteSpace(index, kBurnSpaceAuth);
162*7ba4dab5SXin Li }
163*7ba4dab5SXin Li if (result != NV_RESULT_SUCCESS) {
164*7ba4dab5SXin Li success = false;
165*7ba4dab5SXin Li continue;
166*7ba4dab5SXin Li }
167*7ba4dab5SXin Li }
168*7ba4dab5SXin Li }
169*7ba4dab5SXin Li }
170*7ba4dab5SXin Li return success;
171*7ba4dab5SXin Li }
172*7ba4dab5SXin Li
173*7ba4dab5SXin Li // Returns the next available burn space index. If using authorization, the
174*7ba4dab5SXin Li // value MUST be kBurnSpaceAuth.
GetNextBurnSpace(SafeScopedNvramDevice * device,uint32_t * index)175*7ba4dab5SXin Li bool GetNextBurnSpace(SafeScopedNvramDevice* device, uint32_t* index) {
176*7ba4dab5SXin Li if (!CleanBurnSpaces(device)) {
177*7ba4dab5SXin Li return false;
178*7ba4dab5SXin Li }
179*7ba4dab5SXin Li std::vector<uint32_t> space_index_list;
180*7ba4dab5SXin Li if (device->GetSpaceList(&space_index_list) != NV_RESULT_SUCCESS) {
181*7ba4dab5SXin Li return false;
182*7ba4dab5SXin Li }
183*7ba4dab5SXin Li *index = kTestIndexBurnBase;
184*7ba4dab5SXin Li while (Contains(*index, space_index_list)) {
185*7ba4dab5SXin Li (*index)++;
186*7ba4dab5SXin Li }
187*7ba4dab5SXin Li if (*index >= kTestIndexBurnMax) {
188*7ba4dab5SXin Li return false;
189*7ba4dab5SXin Li }
190*7ba4dab5SXin Li return true;
191*7ba4dab5SXin Li }
192*7ba4dab5SXin Li
SHA256HashString(const std::string & input)193*7ba4dab5SXin Li std::string SHA256HashString(const std::string& input) {
194*7ba4dab5SXin Li uint8_t hash[SHA256_DIGEST_LENGTH];
195*7ba4dab5SXin Li SHA256(reinterpret_cast<const uint8_t*>(input.data()), input.size(), hash);
196*7ba4dab5SXin Li return std::string(reinterpret_cast<const char*>(hash), SHA256_DIGEST_LENGTH);
197*7ba4dab5SXin Li }
198*7ba4dab5SXin Li
199*7ba4dab5SXin Li } // namespace
200*7ba4dab5SXin Li
201*7ba4dab5SXin Li namespace nvram {
202*7ba4dab5SXin Li
TEST(NVRAMModuleTest,TotalSize)203*7ba4dab5SXin Li TEST(NVRAMModuleTest, TotalSize) {
204*7ba4dab5SXin Li SafeScopedNvramDevice device;
205*7ba4dab5SXin Li uint64_t total_size = 0;
206*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetTotalSizeInBytes(&total_size));
207*7ba4dab5SXin Li EXPECT_LE(2048u, total_size);
208*7ba4dab5SXin Li };
209*7ba4dab5SXin Li
TEST(NVRAMModuleTest,AvailableSize)210*7ba4dab5SXin Li TEST(NVRAMModuleTest, AvailableSize) {
211*7ba4dab5SXin Li SafeScopedNvramDevice device;
212*7ba4dab5SXin Li uint64_t available_size = 0;
213*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetAvailableSizeInBytes(&available_size));
214*7ba4dab5SXin Li uint64_t total_size = 0;
215*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetTotalSizeInBytes(&total_size));
216*7ba4dab5SXin Li EXPECT_LE(available_size, total_size);
217*7ba4dab5SXin Li }
218*7ba4dab5SXin Li
TEST(NVRAMModuleTest,MaxSpaceSize)219*7ba4dab5SXin Li TEST(NVRAMModuleTest, MaxSpaceSize) {
220*7ba4dab5SXin Li SafeScopedNvramDevice device;
221*7ba4dab5SXin Li uint64_t max_space_size = 0;
222*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetMaxSpaceSizeInBytes(&max_space_size));
223*7ba4dab5SXin Li uint64_t total_size = 0;
224*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetTotalSizeInBytes(&total_size));
225*7ba4dab5SXin Li EXPECT_LE(max_space_size, total_size);
226*7ba4dab5SXin Li EXPECT_GE(max_space_size, 32u);
227*7ba4dab5SXin Li }
228*7ba4dab5SXin Li
TEST(NVRAMModuleTest,MaxSpaces)229*7ba4dab5SXin Li TEST(NVRAMModuleTest, MaxSpaces) {
230*7ba4dab5SXin Li SafeScopedNvramDevice device;
231*7ba4dab5SXin Li uint32_t num_spaces = 0;
232*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetMaxSpaces(&num_spaces));
233*7ba4dab5SXin Li EXPECT_LE(8u, num_spaces);
234*7ba4dab5SXin Li }
235*7ba4dab5SXin Li
TEST(NVRAMModuleTest,SpaceList)236*7ba4dab5SXin Li TEST(NVRAMModuleTest, SpaceList) {
237*7ba4dab5SXin Li SafeScopedNvramDevice device;
238*7ba4dab5SXin Li uint32_t max_spaces = 0;
239*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetMaxSpaces(&max_spaces));
240*7ba4dab5SXin Li std::vector<uint32_t> space_index_list;
241*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetSpaceList(&space_index_list));
242*7ba4dab5SXin Li ASSERT_LE(space_index_list.size(), max_spaces);
243*7ba4dab5SXin Li
244*7ba4dab5SXin Li // Add a test space and check it gets reported.
245*7ba4dab5SXin Li {
246*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32);
247*7ba4dab5SXin Li std::vector<uint32_t> space_index_list2;
248*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetSpaceList(&space_index_list2));
249*7ba4dab5SXin Li ASSERT_EQ(space_index_list.size() + 1, space_index_list2.size());
250*7ba4dab5SXin Li EXPECT_TRUE(ContainsAll(space_index_list, space_index_list2));
251*7ba4dab5SXin Li EXPECT_TRUE(Contains(kTestIndex1, space_index_list2));
252*7ba4dab5SXin Li }
253*7ba4dab5SXin Li
254*7ba4dab5SXin Li // Check we're back to the original list.
255*7ba4dab5SXin Li std::vector<uint32_t> space_index_list3;
256*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetSpaceList(&space_index_list3));
257*7ba4dab5SXin Li ASSERT_EQ(space_index_list.size(), space_index_list3.size());
258*7ba4dab5SXin Li EXPECT_TRUE(ContainsAll(space_index_list, space_index_list3));
259*7ba4dab5SXin Li EXPECT_FALSE(Contains(kTestIndex1, space_index_list3));
260*7ba4dab5SXin Li }
261*7ba4dab5SXin Li
TEST(NVRAMModuleTest,SpaceSize)262*7ba4dab5SXin Li TEST(NVRAMModuleTest, SpaceSize) {
263*7ba4dab5SXin Li SafeScopedNvramDevice device;
264*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 17);
265*7ba4dab5SXin Li ScopedNvramSpace space2(&device, kTestIndex2, 32);
266*7ba4dab5SXin Li uint64_t size = 0;
267*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetSpaceSize(kTestIndex1, &size));
268*7ba4dab5SXin Li EXPECT_EQ(17u, size);
269*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetSpaceSize(kTestIndex2, &size));
270*7ba4dab5SXin Li EXPECT_EQ(32u, size);
271*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
272*7ba4dab5SXin Li device.GetSpaceSize(kTestIndexNeverExists, &size));
273*7ba4dab5SXin Li }
274*7ba4dab5SXin Li
TEST(NVRAMModuleTest,SpaceControls)275*7ba4dab5SXin Li TEST(NVRAMModuleTest, SpaceControls) {
276*7ba4dab5SXin Li SafeScopedNvramDevice device;
277*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32);
278*7ba4dab5SXin Li std::vector<nvram_control_t> expected_control_list(
279*7ba4dab5SXin Li &kDefaultControls[0], &kDefaultControls[arraysize(kDefaultControls)]);
280*7ba4dab5SXin Li std::vector<nvram_control_t> control_list;
281*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
282*7ba4dab5SXin Li device.GetSpaceControls(kTestIndex1, &control_list));
283*7ba4dab5SXin Li ASSERT_EQ(expected_control_list.size(), control_list.size());
284*7ba4dab5SXin Li EXPECT_TRUE(ContainsAll(expected_control_list, control_list));
285*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
286*7ba4dab5SXin Li device.GetSpaceControls(kTestIndexNeverExists, &control_list));
287*7ba4dab5SXin Li }
288*7ba4dab5SXin Li
TEST(NVRAMModuleTest,IsLocked)289*7ba4dab5SXin Li TEST(NVRAMModuleTest, IsLocked) {
290*7ba4dab5SXin Li SafeScopedNvramDevice device;
291*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32);
292*7ba4dab5SXin Li int write_lock, read_lock;
293*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
294*7ba4dab5SXin Li device.IsSpaceLocked(kTestIndex1, &write_lock, &read_lock));
295*7ba4dab5SXin Li EXPECT_FALSE(read_lock);
296*7ba4dab5SXin Li EXPECT_FALSE(write_lock);
297*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.EnableReadLock(kTestIndex1, kNoAuth));
298*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
299*7ba4dab5SXin Li device.IsSpaceLocked(kTestIndex1, &write_lock, &read_lock));
300*7ba4dab5SXin Li EXPECT_TRUE(read_lock);
301*7ba4dab5SXin Li EXPECT_FALSE(write_lock);
302*7ba4dab5SXin Li EXPECT_EQ(
303*7ba4dab5SXin Li NV_RESULT_SPACE_DOES_NOT_EXIST,
304*7ba4dab5SXin Li device.IsSpaceLocked(kTestIndexNeverExists, &write_lock, &read_lock));
305*7ba4dab5SXin Li }
306*7ba4dab5SXin Li
TEST(NVRAMModuleTest,CreateSmall)307*7ba4dab5SXin Li TEST(NVRAMModuleTest, CreateSmall) {
308*7ba4dab5SXin Li SafeScopedNvramDevice device;
309*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 1);
310*7ba4dab5SXin Li }
311*7ba4dab5SXin Li
TEST(NVRAMModuleTest,CreateLarge)312*7ba4dab5SXin Li TEST(NVRAMModuleTest, CreateLarge) {
313*7ba4dab5SXin Li SafeScopedNvramDevice device;
314*7ba4dab5SXin Li uint64_t max_space_size = 0;
315*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetMaxSpaceSizeInBytes(&max_space_size));
316*7ba4dab5SXin Li uint64_t available_size = 0;
317*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetAvailableSizeInBytes(&available_size));
318*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1,
319*7ba4dab5SXin Li std::min(max_space_size, available_size));
320*7ba4dab5SXin Li }
321*7ba4dab5SXin Li
TEST(NVRAMModuleTest,CreateWithCustomControls)322*7ba4dab5SXin Li TEST(NVRAMModuleTest, CreateWithCustomControls) {
323*7ba4dab5SXin Li const std::vector<nvram_control_t> kControlList{
324*7ba4dab5SXin Li NV_CONTROL_BOOT_WRITE_LOCK, NV_CONTROL_READ_AUTHORIZATION,
325*7ba4dab5SXin Li NV_CONTROL_WRITE_EXTEND};
326*7ba4dab5SXin Li SafeScopedNvramDevice device;
327*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32, kControlList);
328*7ba4dab5SXin Li std::vector<nvram_control_t> control_list;
329*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
330*7ba4dab5SXin Li device.GetSpaceControls(kTestIndex1, &control_list));
331*7ba4dab5SXin Li ASSERT_EQ(kControlList.size(), control_list.size());
332*7ba4dab5SXin Li EXPECT_TRUE(ContainsAll(control_list, kControlList));
333*7ba4dab5SXin Li EXPECT_TRUE(ContainsAll(kControlList, control_list));
334*7ba4dab5SXin Li }
335*7ba4dab5SXin Li
TEST(NVRAMModuleTest,CreateWithAuthorization)336*7ba4dab5SXin Li TEST(NVRAMModuleTest, CreateWithAuthorization) {
337*7ba4dab5SXin Li SafeScopedNvramDevice device;
338*7ba4dab5SXin Li std::string password = "hunter2";
339*7ba4dab5SXin Li ScopedNvramSpace space(
340*7ba4dab5SXin Li &device, kTestIndex1, 32,
341*7ba4dab5SXin Li {NV_CONTROL_WRITE_AUTHORIZATION, NV_CONTROL_READ_AUTHORIZATION},
342*7ba4dab5SXin Li password);
343*7ba4dab5SXin Li std::string data = "test";
344*7ba4dab5SXin Li std::string bad_password = "*******";
345*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED,
346*7ba4dab5SXin Li device.WriteSpace(kTestIndex1, data, bad_password));
347*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(kTestIndex1, data, password));
348*7ba4dab5SXin Li }
349*7ba4dab5SXin Li
TEST(NVRAMModuleTest,CreateAlreadyExists)350*7ba4dab5SXin Li TEST(NVRAMModuleTest, CreateAlreadyExists) {
351*7ba4dab5SXin Li SafeScopedNvramDevice device;
352*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32);
353*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_ALREADY_EXISTS,
354*7ba4dab5SXin Li device.CreateSpace(kTestIndex1, 32, {}, kNoAuth));
355*7ba4dab5SXin Li }
356*7ba4dab5SXin Li
TEST(NVRAMModuleTest,Delete)357*7ba4dab5SXin Li TEST(NVRAMModuleTest, Delete) {
358*7ba4dab5SXin Li SafeScopedNvramDevice device;
359*7ba4dab5SXin Li {
360*7ba4dab5SXin Li ScopedNvramSpace space(&device, kTestIndex1, 32);
361*7ba4dab5SXin Li uint64_t size = 0;
362*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.GetSpaceSize(kTestIndex1, &size));
363*7ba4dab5SXin Li }
364*7ba4dab5SXin Li // ScopedNvramSpace will call Delete when it falls out of scope. Now we can
365*7ba4dab5SXin Li // make sure that worked.
366*7ba4dab5SXin Li uint64_t size = 0;
367*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
368*7ba4dab5SXin Li device.GetSpaceSize(kTestIndex1, &size));
369*7ba4dab5SXin Li }
370*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteLock)371*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteLock) {
372*7ba4dab5SXin Li SafeScopedNvramDevice device;
373*7ba4dab5SXin Li uint32_t index;
374*7ba4dab5SXin Li ASSERT_TRUE(GetNextBurnSpace(&device, &index));
375*7ba4dab5SXin Li ASSERT_EQ(
376*7ba4dab5SXin Li NV_RESULT_SUCCESS,
377*7ba4dab5SXin Li device.CreateSpace(index, 32, {NV_CONTROL_BOOT_WRITE_LOCK}, kNoAuth));
378*7ba4dab5SXin Li int write_lock, read_lock;
379*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS,
380*7ba4dab5SXin Li device.IsSpaceLocked(index, &write_lock, &read_lock));
381*7ba4dab5SXin Li EXPECT_FALSE(write_lock);
382*7ba4dab5SXin Li EXPECT_FALSE(read_lock);
383*7ba4dab5SXin Li // It should be possible to delete if the space has not yet been locked.
384*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.DeleteSpace(index, kNoAuth));
385*7ba4dab5SXin Li ASSERT_EQ(
386*7ba4dab5SXin Li NV_RESULT_SUCCESS,
387*7ba4dab5SXin Li device.CreateSpace(index, 32, {NV_CONTROL_BOOT_WRITE_LOCK}, kNoAuth));
388*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test", kNoAuth));
389*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.EnableWriteLock(index, kNoAuth));
390*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS,
391*7ba4dab5SXin Li device.IsSpaceLocked(index, &write_lock, &read_lock));
392*7ba4dab5SXin Li EXPECT_TRUE(write_lock);
393*7ba4dab5SXin Li EXPECT_FALSE(read_lock);
394*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_OPERATION_DISABLED,
395*7ba4dab5SXin Li device.WriteSpace(index, "test2", kNoAuth));
396*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_OPERATION_DISABLED, device.DeleteSpace(index, kNoAuth));
397*7ba4dab5SXin Li std::string data;
398*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 4, kNoAuth, &data));
399*7ba4dab5SXin Li EXPECT_EQ("test", data);
400*7ba4dab5SXin Li }
401*7ba4dab5SXin Li
TEST(NVRAMModuleTest,ReadLock)402*7ba4dab5SXin Li TEST(NVRAMModuleTest, ReadLock) {
403*7ba4dab5SXin Li uint32_t index = kTestIndex1;
404*7ba4dab5SXin Li SafeScopedNvramDevice device;
405*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32, {NV_CONTROL_BOOT_READ_LOCK});
406*7ba4dab5SXin Li int write_lock, read_lock;
407*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS,
408*7ba4dab5SXin Li device.IsSpaceLocked(index, &write_lock, &read_lock));
409*7ba4dab5SXin Li EXPECT_FALSE(write_lock);
410*7ba4dab5SXin Li EXPECT_FALSE(read_lock);
411*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test", kNoAuth));
412*7ba4dab5SXin Li std::string data;
413*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 4, kNoAuth, &data));
414*7ba4dab5SXin Li EXPECT_EQ("test", data);
415*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.EnableReadLock(index, kNoAuth));
416*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS,
417*7ba4dab5SXin Li device.IsSpaceLocked(index, &write_lock, &read_lock));
418*7ba4dab5SXin Li EXPECT_FALSE(write_lock);
419*7ba4dab5SXin Li EXPECT_TRUE(read_lock);
420*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_OPERATION_DISABLED,
421*7ba4dab5SXin Li device.ReadSpace(index, 4, kNoAuth, &data));
422*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test2", kNoAuth));
423*7ba4dab5SXin Li }
424*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteAuthorization)425*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteAuthorization) {
426*7ba4dab5SXin Li uint32_t index = kTestIndex1;
427*7ba4dab5SXin Li std::string password = "hunter2";
428*7ba4dab5SXin Li SafeScopedNvramDevice device;
429*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32, {NV_CONTROL_WRITE_AUTHORIZATION},
430*7ba4dab5SXin Li password);
431*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test", password));
432*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED,
433*7ba4dab5SXin Li device.WriteSpace(index, "test2", kNoAuth));
434*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED,
435*7ba4dab5SXin Li device.WriteSpace(index, "test3", "bad_password"));
436*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.DeleteSpace(index, kNoAuth));
437*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.DeleteSpace(index, "bad"));
438*7ba4dab5SXin Li std::string data;
439*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 4, kNoAuth, &data));
440*7ba4dab5SXin Li EXPECT_EQ("test", data);
441*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 4, password, &data));
442*7ba4dab5SXin Li }
443*7ba4dab5SXin Li
TEST(NVRAMModuleTest,ReadAuthorization)444*7ba4dab5SXin Li TEST(NVRAMModuleTest, ReadAuthorization) {
445*7ba4dab5SXin Li uint32_t index = kTestIndex1;
446*7ba4dab5SXin Li std::string password = "hunter2";
447*7ba4dab5SXin Li SafeScopedNvramDevice device;
448*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32, {NV_CONTROL_READ_AUTHORIZATION},
449*7ba4dab5SXin Li password);
450*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test", password));
451*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test2", kNoAuth));
452*7ba4dab5SXin Li std::string data;
453*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 4, password, &data));
454*7ba4dab5SXin Li EXPECT_EQ("test", data);
455*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED,
456*7ba4dab5SXin Li device.ReadSpace(index, 4, kNoAuth, &data));
457*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED,
458*7ba4dab5SXin Li device.ReadSpace(index, 4, "bad_password", &data));
459*7ba4dab5SXin Li }
460*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteLockAuthorization)461*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteLockAuthorization) {
462*7ba4dab5SXin Li SafeScopedNvramDevice device;
463*7ba4dab5SXin Li uint32_t index;
464*7ba4dab5SXin Li ASSERT_TRUE(GetNextBurnSpace(&device, &index));
465*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS,
466*7ba4dab5SXin Li device.CreateSpace(index, 32, {NV_CONTROL_BOOT_WRITE_LOCK,
467*7ba4dab5SXin Li NV_CONTROL_BOOT_READ_LOCK,
468*7ba4dab5SXin Li NV_CONTROL_WRITE_AUTHORIZATION},
469*7ba4dab5SXin Li kBurnSpaceAuth));
470*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.EnableReadLock(index, kNoAuth));
471*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.EnableWriteLock(index, kNoAuth));
472*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.EnableWriteLock(index, "bad"));
473*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.EnableWriteLock(index, kBurnSpaceAuth));
474*7ba4dab5SXin Li }
475*7ba4dab5SXin Li
TEST(NVRAMModuleTest,ReadLockAuthorization)476*7ba4dab5SXin Li TEST(NVRAMModuleTest, ReadLockAuthorization) {
477*7ba4dab5SXin Li uint32_t index = kTestIndex1;
478*7ba4dab5SXin Li std::string password = "hunter2";
479*7ba4dab5SXin Li SafeScopedNvramDevice device;
480*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32,
481*7ba4dab5SXin Li {NV_CONTROL_BOOT_WRITE_LOCK, NV_CONTROL_BOOT_READ_LOCK,
482*7ba4dab5SXin Li NV_CONTROL_READ_AUTHORIZATION},
483*7ba4dab5SXin Li password);
484*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.EnableReadLock(index, kNoAuth));
485*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_ACCESS_DENIED, device.EnableReadLock(index, "bad"));
486*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.EnableReadLock(index, password));
487*7ba4dab5SXin Li }
488*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteExtend)489*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteExtend) {
490*7ba4dab5SXin Li uint32_t index = kTestIndex1;
491*7ba4dab5SXin Li SafeScopedNvramDevice device;
492*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32, {NV_CONTROL_WRITE_EXTEND});
493*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test", kNoAuth));
494*7ba4dab5SXin Li std::string data;
495*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 32, kNoAuth, &data));
496*7ba4dab5SXin Li std::string hash1 = SHA256HashString(std::string(32, 0) + "test");
497*7ba4dab5SXin Li EXPECT_EQ(hash1, data);
498*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.WriteSpace(index, "test2", kNoAuth));
499*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 32, kNoAuth, &data));
500*7ba4dab5SXin Li std::string hash2 = SHA256HashString(hash1 + "test2");
501*7ba4dab5SXin Li EXPECT_EQ(hash2, data);
502*7ba4dab5SXin Li }
503*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteExtendTooShort)504*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteExtendTooShort) {
505*7ba4dab5SXin Li uint32_t index = kTestIndex1;
506*7ba4dab5SXin Li SafeScopedNvramDevice device;
507*7ba4dab5SXin Li // Only SHA-256 is supported. Try 20 which is SHA-1 output.
508*7ba4dab5SXin Li EXPECT_EQ(
509*7ba4dab5SXin Li NV_RESULT_INVALID_PARAMETER,
510*7ba4dab5SXin Li device.CreateSpace(index, 20, {NV_CONTROL_WRITE_EXTEND}, kNoAuth));
511*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
512*7ba4dab5SXin Li device.WriteSpace(index, "test", kNoAuth));
513*7ba4dab5SXin Li }
514*7ba4dab5SXin Li
TEST(NVRAMModuleTest,WriteExtendTooLong)515*7ba4dab5SXin Li TEST(NVRAMModuleTest, WriteExtendTooLong) {
516*7ba4dab5SXin Li uint32_t index = kTestIndex1;
517*7ba4dab5SXin Li SafeScopedNvramDevice device;
518*7ba4dab5SXin Li uint64_t max_space_size = 0;
519*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.GetMaxSpaceSizeInBytes(&max_space_size));
520*7ba4dab5SXin Li if (max_space_size > 32) {
521*7ba4dab5SXin Li // Only SHA-256 is supported. Try 64 which is SHA-512 output.
522*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_INVALID_PARAMETER,
523*7ba4dab5SXin Li device.CreateSpace(index, std::min<uint64_t>(max_space_size, 64),
524*7ba4dab5SXin Li {NV_CONTROL_WRITE_EXTEND}, kNoAuth));
525*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
526*7ba4dab5SXin Li device.WriteSpace(index, "test", kNoAuth));
527*7ba4dab5SXin Li }
528*7ba4dab5SXin Li }
529*7ba4dab5SXin Li
TEST(NVRAMModuleTest,InitialValue)530*7ba4dab5SXin Li TEST(NVRAMModuleTest, InitialValue) {
531*7ba4dab5SXin Li uint32_t index = kTestIndex1;
532*7ba4dab5SXin Li SafeScopedNvramDevice device;
533*7ba4dab5SXin Li ScopedNvramSpace space(&device, index, 32);
534*7ba4dab5SXin Li std::string data;
535*7ba4dab5SXin Li ASSERT_EQ(NV_RESULT_SUCCESS, device.ReadSpace(index, 32, kNoAuth, &data));
536*7ba4dab5SXin Li EXPECT_EQ(std::string(32, 0), data);
537*7ba4dab5SXin Li }
538*7ba4dab5SXin Li
TEST(NVRAMModuleTest,ReadWriteSpaceDoesNotExist)539*7ba4dab5SXin Li TEST(NVRAMModuleTest, ReadWriteSpaceDoesNotExist) {
540*7ba4dab5SXin Li uint32_t index = kTestIndexNeverExists;
541*7ba4dab5SXin Li SafeScopedNvramDevice device;
542*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
543*7ba4dab5SXin Li device.WriteSpace(index, "test", kNoAuth));
544*7ba4dab5SXin Li std::string data;
545*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
546*7ba4dab5SXin Li device.ReadSpace(index, 1, kNoAuth, &data));
547*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
548*7ba4dab5SXin Li device.EnableWriteLock(index, kNoAuth));
549*7ba4dab5SXin Li EXPECT_EQ(NV_RESULT_SPACE_DOES_NOT_EXIST,
550*7ba4dab5SXin Li device.EnableReadLock(index, kNoAuth));
551*7ba4dab5SXin Li }
552*7ba4dab5SXin Li
553*7ba4dab5SXin Li } // namespace nvram
554