1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include "boringssl_self_test.h" 18 19 #include <android-base/logging.h> 20 #include <cutils/android_reboot.h> 21 #include <openssl/crypto.h> 22 #include <sys/types.h> 23 #include <unistd.h> 24 25 namespace android { 26 namespace init { 27 StartBoringSslSelfTest(const BuiltinArguments &)28Result<Success> StartBoringSslSelfTest(const BuiltinArguments&) { 29 pid_t id = fork(); 30 31 if (id == 0) { 32 if (BORINGSSL_self_test() != 1) { 33 LOG(INFO) << "BoringSSL crypto self tests failed"; 34 35 // This check has failed, so the device should refuse 36 // to boot. Rebooting to bootloader to wait for 37 // further action from the user. 38 39 int result = android_reboot(ANDROID_RB_RESTART2, 0, 40 "bootloader,boringssl-self-check-failed"); 41 if (result != 0) { 42 LOG(ERROR) << "Failed to reboot into bootloader"; 43 } 44 } 45 46 _exit(0); 47 } else if (id == -1) { 48 // Failed to fork, so cannot run the test. Refuse to continue. 49 PLOG(FATAL) << "Failed to fork for BoringSSL self test"; 50 } 51 52 return Success(); 53 } 54 55 } // namespace init 56 } // namespace android 57