1# Copyright 2014 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import gobject, os, shutil
6from dbus.mainloop.glib import DBusGMainLoop
7
8from autotest_lib.client.bin import test, utils
9from autotest_lib.client.common_lib import error
10from autotest_lib.client.common_lib.cros import chrome, session_manager
11from autotest_lib.client.cros import constants, cros_ui, ownership
12
13
14def set_block_devmode(value):
15    try:
16        utils.system('crossystem block_devmode=%d' % (1 if value else 0))
17    except error.CmdError, e:
18        raise error.TestError('Failed to run crossystem: %s' % e)
19
20
21def get_block_devmode():
22    try:
23        return utils.system_output('crossystem block_devmode') == '1'
24    except error.CmdError, e:
25        raise error.TestError('Failed to run crossystem: %s' % e)
26
27
28class platform_SessionManagerBlockDevmodeSetting(test.test):
29    """Verifies that session_manager updates the block_devmode flag to be in
30    sync with the corresponding device setting."""
31    version = 1
32
33    def initialize(self):
34        super(platform_SessionManagerBlockDevmodeSetting, self).initialize()
35        ownership.restart_ui_to_clear_ownership_files()
36        self._bus_loop = DBusGMainLoop(set_as_default=True)
37
38
39    def run_once(self):
40        try:
41            if utils.system_output('crossystem mainfw_type') == 'nonchrome':
42                raise error.TestNAError(
43                    'State key generation only works on Chrome OS hardware')
44        except error.CmdError, e:
45            raise error.TestError('Failed to run crossystem: %s' % e)
46
47        # Make sure that the flag sticks when there is no owner.
48        set_block_devmode(True)
49        cros_ui.restart()
50        cros_ui.stop()
51        if not get_block_devmode():
52            raise error.TestFail("Flag got reset for non-owned device.")
53
54        # Test whether the flag gets reset when taking ownership.
55        listener = session_manager.OwnershipSignalListener(gobject.MainLoop())
56        listener.listen_for_new_key_and_policy()
57        with chrome.Chrome() as cr:
58            listener.wait_for_signals(desc='Ownership files written to disk.')
59            if get_block_devmode():
60                raise error.TestFail(
61                    "Flag not clear after ownership got established.")
62
63        # Put a new owner key and policy blob in place, the latter of which
64        # specifies block_devmode=true.
65        cros_ui.stop(allow_fail=True)
66        shutil.copyfile(
67            os.path.join(self.bindir, 'owner.key'), constants.OWNER_KEY_FILE)
68        shutil.copyfile(
69            os.path.join(self.bindir, 'policy_block_devmode_enabled'),
70            constants.SIGNED_POLICY_FILE)
71        cros_ui.start()
72        if not get_block_devmode():
73            raise error.TestFail(
74                "Flag not set after starting with policy enabled.")
75
76        # Send a new policy blob to session_manager that disables block_devmode.
77        listener.listen_for_new_policy()
78        with open(os.path.join(self.bindir,
79                               'policy_block_devmode_disabled')) as f:
80            session_manager_proxy = session_manager.connect(self._bus_loop)
81            session_manager_proxy.StorePolicyEx(
82                session_manager.make_device_policy_descriptor(), f.read())
83        listener.wait_for_signals(desc='Policy updated.')
84
85        if get_block_devmode():
86            raise error.TestFail(
87                "Flag set after updating policy to clear flag.")
88