• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "boringssl_self_test.h"
18 
19 #include <android-base/logging.h>
20 #include <cutils/android_reboot.h>
21 #include <openssl/crypto.h>
22 #include <sys/types.h>
23 #include <unistd.h>
24 
25 namespace android {
26 namespace init {
27 
StartBoringSslSelfTest(const BuiltinArguments &)28 Result<Success> StartBoringSslSelfTest(const BuiltinArguments&) {
29     pid_t id = fork();
30 
31     if (id == 0) {
32         if (BORINGSSL_self_test() != 1) {
33             LOG(INFO) << "BoringSSL crypto self tests failed";
34 
35             // This check has failed, so the device should refuse
36             // to boot. Rebooting to bootloader to wait for
37             // further action from the user.
38 
39             int result = android_reboot(ANDROID_RB_RESTART2, 0,
40                                         "bootloader,boringssl-self-check-failed");
41             if (result != 0) {
42                 LOG(ERROR) << "Failed to reboot into bootloader";
43             }
44         }
45 
46         _exit(0);
47     } else if (id == -1) {
48         // Failed to fork, so cannot run the test. Refuse to continue.
49         PLOG(FATAL) << "Failed to fork for BoringSSL self test";
50     }
51 
52     return Success();
53 }
54 
55 }  // namespace init
56 }  // namespace android
57