1# Copyright 2014 The Chromium OS Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5import gobject, os, shutil 6from dbus.mainloop.glib import DBusGMainLoop 7 8from autotest_lib.client.bin import test, utils 9from autotest_lib.client.common_lib import error 10from autotest_lib.client.common_lib.cros import chrome, session_manager 11from autotest_lib.client.cros import constants, cros_ui, ownership 12 13 14def set_block_devmode(value): 15 try: 16 utils.system('crossystem block_devmode=%d' % (1 if value else 0)) 17 except error.CmdError, e: 18 raise error.TestError('Failed to run crossystem: %s' % e) 19 20 21def get_block_devmode(): 22 try: 23 return utils.system_output('crossystem block_devmode') == '1' 24 except error.CmdError, e: 25 raise error.TestError('Failed to run crossystem: %s' % e) 26 27 28class platform_SessionManagerBlockDevmodeSetting(test.test): 29 """Verifies that session_manager updates the block_devmode flag to be in 30 sync with the corresponding device setting.""" 31 version = 1 32 33 def initialize(self): 34 super(platform_SessionManagerBlockDevmodeSetting, self).initialize() 35 ownership.restart_ui_to_clear_ownership_files() 36 self._bus_loop = DBusGMainLoop(set_as_default=True) 37 38 39 def run_once(self): 40 try: 41 if utils.system_output('crossystem mainfw_type') == 'nonchrome': 42 raise error.TestNAError( 43 'State key generation only works on Chrome OS hardware') 44 except error.CmdError, e: 45 raise error.TestError('Failed to run crossystem: %s' % e) 46 47 # Make sure that the flag sticks when there is no owner. 48 set_block_devmode(True) 49 cros_ui.restart() 50 cros_ui.stop() 51 if not get_block_devmode(): 52 raise error.TestFail("Flag got reset for non-owned device.") 53 54 # Test whether the flag gets reset when taking ownership. 55 listener = session_manager.OwnershipSignalListener(gobject.MainLoop()) 56 listener.listen_for_new_key_and_policy() 57 with chrome.Chrome() as cr: 58 listener.wait_for_signals(desc='Ownership files written to disk.') 59 if get_block_devmode(): 60 raise error.TestFail( 61 "Flag not clear after ownership got established.") 62 63 # Put a new owner key and policy blob in place, the latter of which 64 # specifies block_devmode=true. 65 cros_ui.stop(allow_fail=True) 66 shutil.copyfile( 67 os.path.join(self.bindir, 'owner.key'), constants.OWNER_KEY_FILE) 68 shutil.copyfile( 69 os.path.join(self.bindir, 'policy_block_devmode_enabled'), 70 constants.SIGNED_POLICY_FILE) 71 cros_ui.start() 72 if not get_block_devmode(): 73 raise error.TestFail( 74 "Flag not set after starting with policy enabled.") 75 76 # Send a new policy blob to session_manager that disables block_devmode. 77 listener.listen_for_new_policy() 78 with open(os.path.join(self.bindir, 79 'policy_block_devmode_disabled')) as f: 80 session_manager_proxy = session_manager.connect(self._bus_loop) 81 session_manager_proxy.StorePolicyEx( 82 session_manager.make_device_policy_descriptor(), f.read()) 83 listener.wait_for_signals(desc='Policy updated.') 84 85 if get_block_devmode(): 86 raise error.TestFail( 87 "Flag set after updating policy to clear flag.") 88