1#!/bin/bash 2 3# Copyright 2019 The Chromium OS Authors. All rights reserved. 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7set -e 8 9. $(dirname "$(readlink -f "${0}")")/common.sh 10 11echo "Running test to validate adding entropy only succeeds when running RO" 12 13echo "Making sure all write protect is enabled" 14enable_sw_write_protect 15check_hw_and_sw_write_protect_enabled 16 17echo "Validating initial state" 18check_has_mp_rw_firmware 19check_has_mp_ro_firmware 20check_running_rw_firmware 21check_is_rollback_set_to_initial_val 22 23 24echo "Adding entropy should fail when running RW" 25if (add_entropy); then 26 echo "Should not be able to add entropy when running RW FW" 27 exit 1 28fi 29 30echo "Validating rollback didn't change" 31check_is_rollback_set_to_initial_val 32 33echo "Adding entropy from RO should succeed" 34reboot_ec_to_ro 35add_entropy 36 37echo "Validating Block ID changes, but nothing else" 38check_rollback_block_id_matches "2" 39check_rollback_min_version_matches "0" 40check_rollback_rw_version_matches "0" 41 42echo "Adding entropy with reset (double write) from RO should succeed" 43reboot_ec_to_ro 44add_entropy reset 45 46echo "Validating Block ID increases by 2, but nothing else" 47check_rollback_block_id_matches "4" 48check_rollback_min_version_matches "0" 49check_rollback_rw_version_matches "0" 50 51echo "Switching back to RW" 52reboot_ec 53 54echo "Validating nothing changed" 55check_rollback_block_id_matches "4" 56check_rollback_min_version_matches "0" 57check_rollback_rw_version_matches "0" 58