1#!/bin/bash 2 3# Copyright 2019 The Chromium OS Authors. All rights reserved. 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7set -e 8 9. $(dirname "$(readlink -f "${0}")")/common.sh 10 11echo "Running test to validate adding entropy only succeeds when running RO" 12 13echo "Making sure all write protect is enabled" 14check_hw_and_sw_write_protect_enabled 15 16echo "Validating initial state" 17check_has_mp_rw_firmware 18check_has_mp_ro_firmware 19check_running_rw_firmware 20check_is_rollback_set_to_initial_val 21 22 23echo "Adding entropy should fail when running RW" 24if (add_entropy); then 25 echo "Should not be able to add entropy when running RW FW" 26 exit 1 27fi 28 29echo "Validating rollback didn't change" 30check_is_rollback_set_to_initial_val 31 32echo "Adding entropy from RO should succeed" 33reboot_ec_to_ro 34add_entropy 35 36echo "Validating Block ID changes, but nothing else" 37check_rollback_block_id_matches "2" 38check_rollback_min_version_matches "0" 39check_rollback_rw_version_matches "0" 40 41echo "Adding entropy with reset (double write) from RO should succeed" 42reboot_ec_to_ro 43add_entropy reset 44 45echo "Validating Block ID increases by 2, but nothing else" 46check_rollback_block_id_matches "4" 47check_rollback_min_version_matches "0" 48check_rollback_rw_version_matches "0" 49 50echo "Switching back to RW" 51reboot_ec 52 53echo "Validating nothing changed" 54check_rollback_block_id_matches "4" 55check_rollback_min_version_matches "0" 56check_rollback_rw_version_matches "0" 57