def __init__(self, *args, **kwargs):
version = utils.get_kernel_version()
if version == "3.8.11":
raise error.TestNAError('Test is n/a for kernels older than 3.10')
super(security_ProcessManagementPolicy,
self).__init__(*args, **kwargs)
self._failure = False
def verify_graphics_psr(self):
""" On systems which support PSR, check that we can get into PSR;
idle before doing so, and retry every second for 20 seconds."""
logging.info('Running verify_graphics_psr')
if utils.get_cpu_soc_family() != 'x86_64':
return ''
tries = 0
found = False
param_path = self.get_valid_path(PSR_PATHS)
if not param_path:
logging.warning("PSR_PATHS not found.")
return ''
kernel_version = utils.get_kernel_version()[0:4].rstrip(".")
logging.info('Kernel version: %s', kernel_version)
# First check if PSR is enabled on the device so
# we can watch for the active values
with open(param_path, 'r') as psr_info_file:
match = None
for line in psr_info_file:
match = re.search(r'Enabled: yes', line)
if match:
logging.info('PSR enabled')
break
if not match:
logging.warning('PSR not enabled')
return ''
while not found and tries < 20:
time.sleep(1)
with open(param_path, 'r') as psr_info_file:
for line in psr_info_file:
# Kernels 4.4 and up
if common_utils.compare_versions(kernel_version,
'4.4') != -1:
match = re.search(r'PSR status: .* \[SRDENT', line)
if match:
found = True
logging.info('Found active with kernel >= 4.4')
break
# 3.18 kernel
elif kernel_version == '3.18':
match = re.search(r'Performance_Counter: 0', line)
if match:
found = True
logging.info('Found active with 3.18 kernel')
break
# Older kernels (up to 3.14)
else:
match = re.search(r'Performance_Counter: ([\d])+',
line)
if match and int(match.group(1)) > 0:
found = True
logging.info('Found active with kernel <= 3.14')
break
tries += 1
if not found:
return self.handle_error('Did not see PSR activity. ', param_path)
return ''
def __init__(self, *args, **kwargs):
# TODO(mortonm): add a function to utils to do this kernel version
# check and raise NAError.
version = utils.get_kernel_version()
if version == "3.8.11":
raise error.TestNAError('Test is n/a for kernels older than 3.10')
super(security_NosymfollowMountOption,
self).__init__(*args, **kwargs)
self._failure = False
def _create_dut_info_dict(self, power_rails):
"""Create a dictionary that contain information of the DUT.
Args:
power_rails: list of measured power rails
Returns:
DUT info dictionary
"""
board = utils.get_board()
platform = utils.get_platform()
if not platform.startswith(board):
board += '_' + platform
if power_utils.has_hammer():
board += '_hammer'
dut_info_dict = {
'board': board,
'version': {
'hw': utils.get_hardware_revision(),
'milestone': lsbrelease_utils.get_chromeos_release_milestone(),
'os': lsbrelease_utils.get_chromeos_release_version(),
'channel': lsbrelease_utils.get_chromeos_channel(),
'firmware': utils.get_firmware_version(),
'ec': utils.get_ec_version(),
'kernel': utils.get_kernel_version(),
},
'sku': {
'cpu': utils.get_cpu_name(),
'memory_size': utils.get_mem_total_gb(),
'storage_size':
utils.get_disk_size_gb(utils.get_root_device()),
'display_resolution': utils.get_screen_resolution(),
},
'ina': {
'version': 0,
'ina': power_rails,
},
'note': self._note,
}
if power_utils.has_battery():
status = power_status.get_status()
if status.battery:
# Round the battery size to nearest tenth because it is
# fluctuated for platform without battery nominal voltage data.
dut_info_dict['sku']['battery_size'] = round(
status.battery[0].energy_full_design, 1)
dut_info_dict['sku']['battery_shutdown_percent'] = \
power_utils.get_low_battery_shutdown_percent()
return dut_info_dict
def _create_powerlog_dict(self, raw_measurement):
"""Create powerlog dictionary from raw measurement data
Data format in go/power-dashboard-data
Args:
raw_measurement: dictionary contains raw measurement data.
Returns:
A dictionary of powerlog.
"""
powerlog_dict = {
'format_version': 2,
'timestamp': time.time(),
'test': self._testname,
'dut': {
'board': utils.get_board(),
'version': {
'hw': utils.get_hardware_revision(),
'milestone':
lsbrelease_utils.get_chromeos_release_milestone(),
'os': lsbrelease_utils.get_chromeos_release_version(),
'channel': lsbrelease_utils.get_chromeos_channel(),
'firmware': utils.get_firmware_version(),
'ec': utils.get_ec_version(),
'kernel': utils.get_kernel_version(),
},
'sku': {
'cpu': utils.get_cpu_name(),
'memory_size': utils.get_mem_total_gb(),
'storage_size':
utils.get_disk_size_gb(utils.get_root_device()),
'display_resolution': utils.get_screen_resolution(),
},
'ina': {
'version': 0,
'ina': raw_measurement['data'].keys()
},
'note': ''
},
'power': raw_measurement
}
if power_utils.has_battery():
# Round the battery size to nearest tenth because it is fluctuated
# for platform without battery norminal voltage data.
powerlog_dict['dut']['sku']['battery_size'] = round(
power_status.get_status().battery[0].energy_full_design, 1)
powerlog_dict['dut']['sku']['battery_shutdown_percent'] = \
power_utils.get_low_battery_shutdown_percent()
return powerlog_dict
def run_once(self):
"""Runs the test."""
arch = utils.get_cpu_arch()
if arch == 'x86_64':
arch = utils.get_cpu_soc_family()
curr_kernel = utils.get_kernel_version()
logging.debug('CPU arch is "%s"', arch)
logging.debug('Kernel version is "%s"', curr_kernel)
if arch not in self.TESTS:
raise error.TestNAError('"%s" arch not in test baseline' % arch)
# Kernels <= 3.14 don't have this directory and are expected to abort
# with TestNA.
if not os.path.exists(self.SYSTEM_CPU_VULNERABILITIES):
raise error.TestNAError('"%s" directory not present, not testing' %
self.SYSTEM_CPU_VULNERABILITIES)
failures = []
for filename, expected in self.TESTS[arch].items():
file = os.path.join(self.SYSTEM_CPU_VULNERABILITIES, filename)
if not os.path.exists(file):
raise error.TestError('"%s" file does not exist, cannot test' %
file)
min_kernel = expected[0]
if utils.compare_versions(curr_kernel, min_kernel) == -1:
# The kernel on the DUT is older than the version where
# the mitigation was introduced.
info_message = 'DUT kernel version "%s"' % curr_kernel
info_message += ' is older than "%s"' % min_kernel
info_message += ', skipping "%s" test' % filename
logging.info(info_message)
continue
# E.g.:
# Not affected
# $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
# Not affected
#
# One mitigation
# $ cat /sys/devices/system/cpu/vulnerabilities/meltdown
# Mitigation: PTI
#
# Several mitigations
# $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
# Mitigation: Full generic retpoline, IBPB, IBRS_FW
with open(file) as f:
lines = f.readlines()
if len(lines) > 1:
logging.warning('"%s" has more than one line', file)
actual = lines[0].strip()
logging.debug('"%s" -> "%s"', file, actual)
expected_mitigations = expected[1]
if not expected_mitigations:
if actual != 'Not affected':
failures.append((file, actual, expected_mitigations))
else:
# CPU is affected.
if 'Mitigation' not in actual:
failures.append((file, actual, expected_mitigations))
else:
mit_list = actual.split(':', 1)[1].split(',')
actual_mitigations = set(t.strip() for t in mit_list)
# Test set inclusion.
if actual_mitigations < expected_mitigations:
failures.append((file, actual_mitigations,
expected_mitigations))
if failures:
for failure in failures:
logging.error('"%s" was "%s", expected "%s"', *failure)
raise error.TestFail('CPU vulnerabilities not mitigated properly')
def get_kernel_version():
""" Retruns the kernel version in form of xx.xx. """
m = re.match(r'(\d+\.\d+)\.\d+', bin_utils.get_kernel_version())
if m:
return m.group(1)
return 'unknown'