diff options
author | Chris Engel <cjengel@us.ibm.com> | 2015-08-03 16:01:14 -0500 |
---|---|---|
committer | A. Patrick Williams III <iawillia@us.ibm.com> | 2015-12-11 11:17:32 -0600 |
commit | e914974751a5125cff6fa7078399db6f3aac5641 (patch) | |
tree | 4f50b6677a2a0111f98884813ff7e028459bcca2 /src/usr/secureboot/trusted/test/trustedbootTest.H | |
parent | 0cbd52585b9013430efeaeed6b4c38f6122eea98 (diff) | |
download | talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.tar.gz talos-hostboot-e914974751a5125cff6fa7078399db6f3aac5641.zip |
Trustedboot: Additional commands in trusted boot init sequence
- getCap FW Version
- TPM Command marshal/unmarshal code
Change-Id: Ia9a90b1160c9c3b5d818318771bff21eb013bdf4
RTC: 125287
Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/20056
Tested-by: Jenkins Server
Tested-by: Jenkins OP Build CI
Reviewed-by: STEPHEN M. CPREK <smcprek@us.ibm.com>
Reviewed-by: Timothy R. Block <block@us.ibm.com>
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot/trusted/test/trustedbootTest.H')
-rwxr-xr-x | src/usr/secureboot/trusted/test/trustedbootTest.H | 529 |
1 files changed, 529 insertions, 0 deletions
diff --git a/src/usr/secureboot/trusted/test/trustedbootTest.H b/src/usr/secureboot/trusted/test/trustedbootTest.H new file mode 100755 index 000000000..de2a2d8ed --- /dev/null +++ b/src/usr/secureboot/trusted/test/trustedbootTest.H @@ -0,0 +1,529 @@ +/* IBM_PROLOG_BEGIN_TAG */ +/* This is an automatically generated prolog. */ +/* */ +/* $Source: src/usr/secureboot/trusted/test/trustedbootTest.H $ */ +/* */ +/* OpenPOWER HostBoot Project */ +/* */ +/* Contributors Listed Below - COPYRIGHT 2015 */ +/* [+] International Business Machines Corp. */ +/* */ +/* */ +/* Licensed under the Apache License, Version 2.0 (the "License"); */ +/* you may not use this file except in compliance with the License. */ +/* You may obtain a copy of the License at */ +/* */ +/* http://www.apache.org/licenses/LICENSE-2.0 */ +/* */ +/* Unless required by applicable law or agreed to in writing, software */ +/* distributed under the License is distributed on an "AS IS" BASIS, */ +/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or */ +/* implied. See the License for the specific language governing */ +/* permissions and limitations under the License. */ +/* */ +/* IBM_PROLOG_END_TAG */ +#ifndef __TRUSTEDBOOTTEST_H +#define __TRUSTEDBOOTTEST_H + +/** + * @file trustedbootTest.H + * + * @brief Test cases for trustedboot + */ + +#include <sys/time.h> +#include <cxxtest/TestSuite.H> +#include <targeting/common/commontargeting.H> +#include <errl/errlmanager.H> +#include <errl/errlentry.H> +#include <i2c/tpmddif.H> +#include <secureboot/trustedbootif.H> +#include "../trustedTypes.H" +#include "../trustedboot.H" + +extern trace_desc_t* g_trac_trustedboot; + +// Easy macro replace for unit testing +//#define TRACUCOMP(args...) TRACFCOMP(args) +#define TRACUCOMP(args...) +//#define TRACUBIN(args...) TRACFBIN(args) +#define TRACUBIN(args...) + + +using namespace TRUSTEDBOOT; + + +class TrustedBootTest: public CxxTest::TestSuite +{ + public: + + + /** + * @brief Helper to run failing marshal tests + */ + void runTpmMarshalFailTest(TRUSTEDBOOT::TPM2_BaseIn* i_cmd, + uint8_t* o_outbuf, + size_t i_bufsize, + size_t & o_cmdSize, + const char* i_testName, + int64_t & io_num_ops, + int64_t & io_fails) + { + errlHndl_t err = NULL; + + err = tpmMarshalCommandData(i_cmd, + o_outbuf, + i_bufsize, + o_cmdSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmMarshalFailTest(%s) - Error not detected", + i_testName); + } + else + { + delete err; + err = NULL; + } + + } + /** + * @brief Helper to run marshal tests + */ + void runTpmMarshalTest(TRUSTEDBOOT::TPM2_BaseIn* i_cmd, + uint8_t* o_outbuf, + size_t i_bufsize, + size_t & o_cmdSize, + const char* i_testName, + int64_t & io_num_ops, + int64_t & io_fails, + size_t i_expSize) + { + errlHndl_t err = NULL; + TRUSTEDBOOT::TPM2_BaseIn* baseCmd = + reinterpret_cast<TRUSTEDBOOT::TPM2_BaseIn*>(o_outbuf); + + do + { + + + err = tpmMarshalCommandData(i_cmd, + o_outbuf, + i_bufsize, + o_cmdSize); + io_num_ops++; + if (NULL != err) + { + io_fails++; + TS_FAIL( "runTpmMarshalTest(%s) - Error detected", i_testName); + errlCommit( err, + TPMDD_COMP_ID ); + delete err; + err = NULL; + break; + } + io_num_ops++; + if (o_cmdSize == 0 || + o_cmdSize != baseCmd->commandSize || + o_cmdSize != i_expSize) + { + io_fails++; + TS_FAIL( "runTpmMarshalTest(%s) - Size Mismatch " + "oC %d aC %d Exp %d", + i_testName, o_cmdSize, + baseCmd->commandSize, i_expSize); + break; + } + + // Try some that should fail + err = tpmMarshalCommandData(i_cmd, + o_outbuf, + i_expSize-1, + o_cmdSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmMarshalTest(%s) - Size-1 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + + err = tpmMarshalCommandData(i_cmd, + o_outbuf, + i_expSize/2, + o_cmdSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmMarshalTest(%s) - Size/2 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + + err = tpmMarshalCommandData(i_cmd, + o_outbuf, + i_expSize/3, + o_cmdSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmMarshalTest(%s) - Size/3 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + + } while( 0 ); + } + + + /** + * @brief Helper to run failing unmarshal tests + */ + void runTpmUnmarshalFailTest(uint32_t i_commandCode, + uint8_t* i_respBuf, + size_t i_respBufSize, + TRUSTEDBOOT::TPM2_BaseOut* o_outBuf, + size_t i_outBufSize, + const char* i_testName, + int64_t & io_num_ops, + int64_t & io_fails) + { + errlHndl_t err = NULL; + + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + i_respBufSize, + o_outBuf, + i_outBufSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalFailTest(%s) - Error not detected", + i_testName); + } + else + { + delete err; + err = NULL; + } + + } + /** + * @brief Helper to run unmarshal tests + */ + void runTpmUnmarshalTest(uint32_t i_commandCode, + uint8_t* i_respBuf, + size_t i_respBufSize, + TRUSTEDBOOT::TPM2_BaseOut* o_outBuf, + size_t i_outBufSize, + const char* i_testName, + int64_t & io_num_ops, + int64_t & io_fails) + { + errlHndl_t err = NULL; + + do + { + + + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + i_respBufSize, + o_outBuf, + i_outBufSize); + io_num_ops++; + if (NULL != err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalTest(%s) - Error detected", + i_testName); + errlCommit( err, + TPMDD_COMP_ID ); + delete err; + err = NULL; + break; + } + + // Try some that should fail + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + 4, + o_outBuf, + i_outBufSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalTest(%s) - " + "RespBuf Size=4 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + + // If the response output buffer is more then just the base we + // can do another failing size verif + if (i_outBufSize > sizeof(TPM2_BaseOut)) + { + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + sizeof(TPM2_BaseOut), + o_outBuf, + i_outBufSize); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalTest(%s) - " + "RespBuf Size=10 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + } + + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + i_respBufSize, + o_outBuf, + 4); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalTest(%s) - " + "OutBuf Size=4 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + + if (i_outBufSize > sizeof(TPM2_BaseOut)) + { + err = tpmUnmarshalResponseData(i_commandCode, + i_respBuf, + i_respBufSize, + o_outBuf, + sizeof(TPM2_BaseOut)); + io_num_ops++; + if (NULL == err) + { + io_fails++; + TS_FAIL( "runTpmUnmarshalTest(%s) - " + "OutBuf Size=10 error not detected", + i_testName); + break; + } + else + { + delete err; + err = NULL; + } + } + + } while( 0 ); + } + + + /** + * @brief Test command marshaling + */ + void testCommandMarshal ( void ) + { + int64_t fails = 0, num_ops = 0; + uint8_t dataBufIn[BUFSIZE]; + uint8_t dataBufOut[BUFSIZE]; + size_t cmdSize = 0; + TRUSTEDBOOT::TPM2_BaseIn* baseCmd = + reinterpret_cast<TRUSTEDBOOT::TPM2_BaseIn*>(dataBufIn); + + TRACFCOMP( g_trac_trustedboot, + "testCommandMarshal - Start" ); + do + { + + // Unsupported command + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + baseCmd->commandCode = 0x12345; + + runTpmMarshalFailTest(baseCmd, + dataBufOut, + sizeof(dataBufOut), + cmdSize, + "Unsupported command", + num_ops, + fails); + } + + // Test 2ByteIn with Startup command + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + TRUSTEDBOOT::TPM2_2ByteIn* cmdPtr = + reinterpret_cast<TRUSTEDBOOT::TPM2_2ByteIn*>(dataBufIn); + cmdPtr->base.commandCode = TRUSTEDBOOT::TPM_CC_Startup; + + runTpmMarshalTest(baseCmd, + dataBufOut, + sizeof(dataBufOut), + cmdSize, + "2ByteIn", + num_ops, + fails, + sizeof(TPM2_2ByteIn)); + } + + // Test GetCapabilityIn + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + TRUSTEDBOOT::TPM2_GetCapabilityIn* cmdPtr = + reinterpret_cast<TRUSTEDBOOT::TPM2_GetCapabilityIn*> + (dataBufIn); + cmdPtr->base.commandCode = TRUSTEDBOOT::TPM_CC_GetCapability; + + runTpmMarshalTest(baseCmd, + dataBufOut, + sizeof(dataBufOut), + cmdSize, + "GetCapabilityIn", + num_ops, + fails, + sizeof(TPM2_GetCapabilityIn)); + } + + + + } while( 0 ); + TRACFCOMP( g_trac_trustedboot, + "testCommandMarshal - End: %d/%d fails", + fails, num_ops ); + + } + + /** + * @brief Test command unmarshaling + */ + void testCommandUnmarshal ( void ) + { + int64_t fails = 0, num_ops = 0; + uint8_t dataBufIn[BUFSIZE]; + uint8_t dataBufOut[BUFSIZE]; + TRUSTEDBOOT::TPM2_BaseOut* baseCmd = + reinterpret_cast<TRUSTEDBOOT::TPM2_BaseOut*>(dataBufOut); + + TRACFCOMP( g_trac_trustedboot, + "testCommandUnmarshal - Start" ); + do + { + + // Unsupported command + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + + runTpmUnmarshalFailTest(0x12345, + dataBufIn, + sizeof(dataBufIn), + baseCmd, + sizeof(dataBufOut), + "Unsupported command", + num_ops, + fails); + } + + // Test BaseOut with Startup command + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + + runTpmUnmarshalTest(TRUSTEDBOOT::TPM_CC_Startup, + dataBufIn, + sizeof(dataBufIn), + baseCmd, + sizeof(TPM2_BaseOut), + "BaseOut", + num_ops, + fails); + } + + // Test GetCapabilityOut + { + memset(dataBufIn, 0, sizeof(dataBufIn)); + memset(dataBufOut, 0, sizeof(dataBufOut)); + + // Test will fail because we haven't set the capability + runTpmUnmarshalFailTest(TRUSTEDBOOT::TPM_CC_GetCapability, + dataBufIn, + sizeof(dataBufIn), + baseCmd, + sizeof(TPM2_GetCapabilityOut), + "GetCapabilityOut - invalid cap", + num_ops, + fails); + + // Set the capability coming from the TPM + TRUSTEDBOOT::TPM2_GetCapabilityOut* respPtr = + reinterpret_cast<TRUSTEDBOOT::TPM2_GetCapabilityOut*> + (dataBufIn); + respPtr->capData.capability = + TRUSTEDBOOT::TPM_CAP_TPM_PROPERTIES; + + runTpmUnmarshalTest(TRUSTEDBOOT::TPM_CC_GetCapability, + dataBufIn, + sizeof(dataBufIn), + baseCmd, + sizeof(TPM2_GetCapabilityOut), + "GetCapabilityOut", + num_ops, + fails); + } + + + + } while( 0 ); + TRACFCOMP( g_trac_trustedboot, + "testCommandUnmarshal - End: %d/%d fails", + fails, num_ops ); + + } + + +}; + +#endif |