1# Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5import logging, mmap, os, time 6 7import common 8from autotest_lib.client.bin import os_dep, test 9from autotest_lib.client.common_lib import error, logging_manager, utils 10 11""" a wrapper for using verity/dm-verity with a test backing store """ 12 13# enum for the 3 possible values of the module parameter. 14ERROR_BEHAVIOR_ERROR = 'eio' 15ERROR_BEHAVIOR_REBOOT = 'panic' 16ERROR_BEHAVIOR_IGNORE = 'none' 17ERROR_BEHAVIOR_NOTIFIER = 'notify' # for platform specific behavior. 18 19# Default configuration for verity_image 20DEFAULT_TARGET_NAME = 'verity_image' 21DEFAULT_ALG = 'sha1' 22DEFAULT_IMAGE_SIZE_IN_BLOCKS = 100 23DEFAULT_ERROR_BEHAVIOR = ERROR_BEHAVIOR_ERROR 24# TODO(wad) make this configurable when dm-verity doesn't hard-code 4096. 25BLOCK_SIZE = 4096 26 27def system(command, timeout=None): 28 """Delegate to utils.system to run |command|, logs stderr only on fail. 29 30 Runs |command|, captures stdout and stderr. Logs stdout to the DEBUG 31 log no matter what, logs stderr only if the command actually fails. 32 Will time the command out after |timeout|. 33 """ 34 utils.run(command, timeout=timeout, ignore_status=False, 35 stdout_tee=utils.TEE_TO_LOGS, stderr_tee=utils.TEE_TO_LOGS, 36 stderr_is_expected=True) 37 38class verity_image(object): 39 """ a helper for creating dm-verity targets for testing. 40 41 To use, 42 vi = verity_image() 43 vi.initialize(self.tmpdir, "dmveritytesta") 44 # Create a 409600 byte image with /bin/ls on it 45 # The size in bytes is returned. 46 backing_path = vi.create_backing_image(100, copy_files=['/bin/ls']) 47 # Performs hashing of the backing_path and sets up a device. 48 loop_dev = vi.prepare_backing_device() 49 # Sets up the mapped device and returns the path: 50 # E.g., /dev/mapper/autotest_dmveritytesta 51 dev = vi.create_verity_device() 52 # Access the mapped device using the returned string. 53 54 TODO(wad) add direct verified and backing store access functions 55 to make writing modifiers easier (e.g., mmap). 56 """ 57 # Define the command template constants. 58 verity_cmd = \ 59 'verity mode=create alg=%s payload=%s payload_blocks=%d hashtree=%s' 60 dd_cmd = 'dd if=/dev/zero of=%s bs=4096 count=0 seek=%d' 61 mkfs_cmd = 'mkfs.ext3 -b 4096 -F %s' 62 dmsetup_cmd = "dmsetup -r create autotest_%s --table '%s'" 63 64 def _device_release(self, cmd, device): 65 if utils.system(cmd, ignore_status=True) == 0: 66 return 67 logging.warning("Could not release %s. Retrying..." % (device)) 68 # Other things (like cros-disks) may have the device open briefly, 69 # so if we initially fail, try again and attempt to gather details 70 # on who else is using the device. 71 fuser = utils.system_output('fuser -v %s' % (device), 72 retain_output=True, 73 ignore_status=True) 74 lsblk = utils.system_output('lsblk %s' % (device), 75 retain_output=True, 76 ignore_status=True) 77 time.sleep(1) 78 if utils.system(cmd, ignore_status=True) == 0: 79 return 80 raise error.TestFail('"%s" failed: %s\n%s' % (cmd, fuser, lsblk)) 81 82 def reset(self): 83 """Idempotent call which will free any claimed system resources""" 84 # Pre-initialize these values to None 85 for attr in ['mountpoint', 'device', 'loop', 'file', 'hash_file']: 86 if not hasattr(self, attr): 87 setattr(self, attr, None) 88 logging.info("verity_image is being reset") 89 90 if self.mountpoint is not None: 91 system('umount %s' % self.mountpoint) 92 self.mountpoint = None 93 94 if self.device is not None: 95 self._device_release('dmsetup remove %s' % (self.device), 96 self.device) 97 self.device = None 98 99 if self.loop is not None: 100 self._device_release('losetup -d %s' % (self.loop), self.loop) 101 self.loop = None 102 103 if self.file is not None: 104 os.remove(self.file) 105 self.file = None 106 107 if self.hash_file is not None: 108 os.remove(self.hash_file) 109 self.hash_file = None 110 111 self.alg = DEFAULT_ALG 112 self.error_behavior = DEFAULT_ERROR_BEHAVIOR 113 self.blocks = DEFAULT_IMAGE_SIZE_IN_BLOCKS 114 self.file = None 115 self.has_fs = False 116 self.hash_file = None 117 self.table = None 118 self.target_name = DEFAULT_TARGET_NAME 119 120 self.__initialized = False 121 122 def __init__(self): 123 """Sets up the defaults for the object and then calls reset() 124 """ 125 self.reset() 126 127 def __del__(self): 128 # Release any and all system resources. 129 self.reset() 130 131 def _create_image(self): 132 """Creates a dummy file.""" 133 # TODO(wad) replace with python 134 utils.system_output(self.dd_cmd % (self.file, self.blocks)) 135 136 def _create_fs(self, copy_files): 137 """sets up ext3 on the image""" 138 self.has_fs = True 139 system(self.mkfs_cmd % self.file) 140 if type(copy_files) is list: 141 for file in copy_files: 142 pass # TODO(wad) 143 144 def _hash_image(self): 145 """runs verity over the image and saves the device mapper table""" 146 self.table = utils.system_output(self.verity_cmd % (self.alg, 147 self.file, 148 self.blocks, 149 self.hash_file)) 150 # The verity tool doesn't include a templated error value. 151 # For now, we add one. 152 self.table += " error_behavior=ERROR_BEHAVIOR" 153 logging.info("table is %s" % self.table) 154 155 def _append_hash(self): 156 f = open(self.file, 'ab') 157 f.write(utils.read_file(self.hash_file)) 158 f.close() 159 160 def _setup_loop(self): 161 # Setup a loop device 162 self.loop = utils.system_output('losetup -f --show %s' % (self.file)) 163 164 def _setup_target(self): 165 # Update the table with the loop dev 166 self.table = self.table.replace('HASH_DEV', self.loop) 167 self.table = self.table.replace('ROOT_DEV', self.loop) 168 self.table = self.table.replace('ERROR_BEHAVIOR', self.error_behavior) 169 170 system(self.dmsetup_cmd % (self.target_name, self.table)) 171 self.device = "/dev/mapper/autotest_%s" % self.target_name 172 173 def initialize(self, 174 tmpdir, 175 target_name, 176 alg=DEFAULT_ALG, 177 size_in_blocks=DEFAULT_IMAGE_SIZE_IN_BLOCKS, 178 error_behavior=DEFAULT_ERROR_BEHAVIOR): 179 """Performs any required system-level initialization before use. 180 """ 181 try: 182 os_dep.commands('losetup', 'mkfs.ext3', 'dmsetup', 'verity', 'dd', 183 'dumpe2fs') 184 except ValueError, e: 185 logging.error('verity_image cannot be used without: %s' % e) 186 return False 187 188 # Used for the mapper device name and the tmpfile names. 189 self.target_name = target_name 190 191 # Reserve some files to use. 192 self.file = os.tempnam(tmpdir, '%s.img.' % self.target_name) 193 self.hash_file = os.tempnam(tmpdir, '%s.hash.' % self.target_name) 194 195 # Set up the configurable bits. 196 self.alg = alg 197 self.error_behavior = error_behavior 198 self.blocks = size_in_blocks 199 200 self.__initialized = True 201 return True 202 203 def create_backing_image(self, size_in_blocks, with_fs=True, 204 copy_files=None): 205 """Creates an image file of the given number of blocks and if specified 206 will create a filesystem and copy any files in a copy_files list to 207 the fs. 208 """ 209 self.blocks = size_in_blocks 210 self._create_image() 211 212 if with_fs is True: 213 self._create_fs(copy_files) 214 else: 215 if type(copy_files) is list and len(copy_files) != 0: 216 logging.warning("verity_image.initialize called with " \ 217 "files to copy but no fs") 218 219 return self.file 220 221 def prepare_backing_device(self): 222 """Hashes the backing image, appends it to the backing image, points 223 a loop device at it and returns the path to the loop.""" 224 self._hash_image() 225 self._append_hash() 226 self._setup_loop() 227 return self.loop 228 229 def create_verity_device(self): 230 """Sets up the device mapper node and returns its path""" 231 self._setup_target() 232 return self.device 233 234 def verifiable(self): 235 """Returns True if the dm-verity device does not throw any errors 236 when being walked completely or False if it does.""" 237 try: 238 if self.has_fs is True: 239 system('dumpe2fs %s' % self.device) 240 # TODO(wad) replace with mmap.mmap-based access 241 system('dd if=%s of=/dev/null bs=4096' % self.device) 242 return True 243 except error.CmdError, e: 244 return False 245 246 247class VerityImageTest(test.test): 248 """VerityImageTest provides a base class for verity_image tests 249 to be derived from. It sets up a verity_image object for use 250 and provides the function mod_and_test() to wrap simple test 251 cases for verity_images. 252 253 See platform_DMVerityCorruption as an example usage. 254 """ 255 version = 1 256 image_blocks = DEFAULT_IMAGE_SIZE_IN_BLOCKS 257 258 def initialize(self): 259 """Overrides test.initialize() to setup a verity_image""" 260 self.verity = verity_image() 261 262 # Example callback for mod_and_test that does nothing 263 def mod_nothing(self, run_count, backing_path, block_size, block_count): 264 pass 265 266 def mod_and_test(self, modifier, count, expected): 267 """Takes in a callback |modifier| and runs it |count| times over 268 the verified image checking for |expected| out of verity.verifiable() 269 """ 270 tries = 0 271 while tries < count: 272 # Start fresh then modify each block in the image. 273 self.verity.reset() 274 self.verity.initialize(self.tmpdir, self.__class__.__name__) 275 backing_path = self.verity.create_backing_image(self.image_blocks) 276 loop_dev = self.verity.prepare_backing_device() 277 278 modifier(tries, 279 backing_path, 280 BLOCK_SIZE, 281 self.image_blocks) 282 283 mapped_dev = self.verity.create_verity_device() 284 285 # Now check for failure. 286 if self.verity.verifiable() is not expected: 287 raise error.TestFail( 288 '%s: verity.verifiable() not as expected (%s)' % 289 (modifier.__name__, expected)) 290 tries += 1 291