1# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import logging
6
7from autotest_lib.client.common_lib import error
8from autotest_lib.server.cros import vboot_constants as vboot
9from autotest_lib.server.cros.faft.firmware_test import FirmwareTest
10
11
12class firmware_SelfSignedBoot(FirmwareTest):
13    """
14    Servo based developer mode boot only test to Self signed Kernels.
15
16    This test requires a USB disk plugged-in, which contains a Chrome OS test
17    image (built by 'build_image test'). On runtime, this test first switches
18    DUT to dev mode. When dev_boot_usb=1 and dev_boot_signed_only=1, pressing
19    Ctrl-U on developer screen should not boot the USB disk(recovery mode boot
20    should work), and when USB image is resigned with SSD keys, pressing Ctrl-U
21    should boot to the USB disk.
22    """
23    version = 1
24
25    def initialize(self, host, cmdline_args, ec_wp=None):
26        super(firmware_SelfSignedBoot, self).initialize(host, cmdline_args,
27                                                        ec_wp=ec_wp)
28        self.switcher.setup_mode('dev')
29        self.setup_usbkey(usbkey=True, host=False)
30
31        self.original_dev_boot_usb = self.faft_client.system.get_dev_boot_usb()
32        logging.info('Original dev_boot_usb value: %s',
33                     str(self.original_dev_boot_usb))
34
35        self.usb_dev = self.get_usbdisk_path_on_dut()
36        if not self.usb_dev:
37            raise error.TestError("Unable to find USB disk")
38
39    def cleanup(self):
40        try:
41            self.faft_client.system.set_dev_boot_usb(self.original_dev_boot_usb)
42            self.disable_crossystem_selfsigned()
43            self.ensure_dev_internal_boot(self.original_dev_boot_usb)
44            self.resignimage_recoverykeys()
45        except Exception as e:
46            logging.error("Caught exception: %s", str(e))
47        super(firmware_SelfSignedBoot, self).cleanup()
48
49    def resignimage_ssdkeys(self):
50        """Re-signing the USB image using the SSD keys."""
51        self.faft_client.system.run_shell_command(
52            '/usr/share/vboot/bin/make_dev_ssd.sh -i %s' % self.usb_dev)
53
54    def resignimage_recoverykeys(self):
55        """Re-signing the USB image using the Recovery keys."""
56        self.faft_client.system.run_shell_command(
57            '/usr/share/vboot/bin/make_dev_ssd.sh -i %s --recovery_key'
58            % self.usb_dev)
59
60    def enable_crossystem_selfsigned(self):
61        """Enable dev_boot_signed_only + dev_boot_usb."""
62        self.faft_client.system.run_shell_command(
63            'crossystem dev_boot_signed_only=1')
64        self.faft_client.system.run_shell_command('crossystem dev_boot_usb=1')
65
66    def disable_crossystem_selfsigned(self):
67        """Disable dev_boot_signed_only + dev_boot_usb."""
68        self.faft_client.system.run_shell_command(
69            'crossystem dev_boot_signed_only=0')
70        self.faft_client.system.run_shell_command('crossystem dev_boot_usb=0')
71
72    def run_once(self):
73        if (self.faft_config.has_keyboard and
74                not self.check_ec_capability(['keyboard'])):
75            raise error.TestNAError("TEST IT MANUALLY! This test can't be "
76                                    "automated on non-Chrome-EC devices.")
77
78        logging.info("Expected developer mode, set dev_boot_usb and "
79                     "dev_boot_signed_only to 1.")
80        self.check_state((self.checkers.dev_boot_usb_checker, False))
81        self.enable_crossystem_selfsigned()
82        self.switcher.mode_aware_reboot()
83
84        logging.info("Expected internal disk boot, switch to recovery mode.")
85        self.check_state((self.checkers.dev_boot_usb_checker, False,
86                          'Not internal disk boot, dev_boot_usb misbehaved'))
87        self.switcher.reboot_to_mode(to_mode='rec')
88
89        logging.info("Expected recovery boot and reboot.")
90        self.check_state((self.checkers.crossystem_checker, {
91                   'mainfw_type': 'recovery',
92                   'recovery_reason': vboot.RECOVERY_REASON['RO_MANUAL'],
93                   }))
94        self.switcher.mode_aware_reboot()
95
96        logging.info("Expected internal disk boot, resign with SSD keys.")
97        self.check_state((self.checkers.dev_boot_usb_checker, False,
98                          'Not internal disk boot, dev_boot_usb misbehaved'))
99        self.resignimage_ssdkeys()
100        self.switcher.simple_reboot()
101        self.switcher.bypass_dev_boot_usb()
102        self.switcher.wait_for_client()
103
104        logging.info("Expected USB boot.")
105        # After signing USB image with SSD developer keys, kernkey_vfy value
106        # is expected as 'sig' when booted in USB image.
107        self.check_state((self.checkers.dev_boot_usb_checker, (True, False),
108                          'Device not booted from USB image properly.'))
109        self.switcher.mode_aware_reboot()
110
111        logging.info("Check and done.")
112        self.check_state((self.checkers.dev_boot_usb_checker, False))
113