def test_CalculateMaxImageSize(self):
verity_image_builder = CreateVerityImageBuilder(self.DEFAULT_PROP_DICT)
size = verity_image_builder.CalculateMaxImageSize()
self.assertLess(size, self.DEFAULT_PARTITION_SIZE)
# Same result by explicitly passing the partition size.
self.assertEqual(
verity_image_builder.CalculateMaxImageSize(),
verity_image_builder.CalculateMaxImageSize(
self.DEFAULT_PARTITION_SIZE))
def test_Build(self):
prop_dict = copy.deepcopy(self.DEFAULT_PROP_DICT)
verity_image_builder = CreateVerityImageBuilder(prop_dict)
self.assertIsNotNone(verity_image_builder)
self.assertEqual(2, verity_image_builder.version)
input_dir = common.MakeTempDir()
image_dir = common.MakeTempDir()
system_image = os.path.join(image_dir, 'system.img')
system_image_size = verity_image_builder.CalculateMaxImageSize()
cmd = [
'mkuserimg_mke2fs', input_dir, system_image, 'ext4', '/system',
str(system_image_size), '-j', '0', '-s'
]
common.RunAndCheckOutput(cmd)
verity_image_builder.Build(system_image)
# Additionally make vbmeta image so that we can verify with avbtool.
vbmeta_image = os.path.join(image_dir, 'vbmeta.img')
cmd = [
'avbtool', 'make_vbmeta_image', '--include_descriptors_from_image',
system_image, '--output', vbmeta_image
]
common.RunAndCheckOutput(cmd)
# Verify the verity metadata.
cmd = ['avbtool', 'verify_image', '--image', vbmeta_image]
common.RunAndCheckOutput(cmd)
def _generate_system_image(self,
output_file,
system_root=None,
file_map=None):
prop_dict = {
'partition_size': str(1024 * 1024),
'verity': 'true',
'verity_block_device': '/dev/block/system',
'verity_key': os.path.join(self.testdata_dir, 'testkey'),
'verity_fec': "true",
'verity_signer_cmd': 'verity_signer',
}
verity_image_builder = CreateVerityImageBuilder(prop_dict)
image_size = verity_image_builder.CalculateMaxImageSize()
# Use an empty root directory.
if not system_root:
system_root = common.MakeTempDir()
cmd = [
'mkuserimg_mke2fs', '-s', system_root, output_file, 'ext4',
'/system',
str(image_size), '-j', '0'
]
if file_map:
cmd.extend(['-B', file_map])
proc = common.Run(cmd)
stdoutdata, _ = proc.communicate()
self.assertEqual(
0, proc.returncode,
"Failed to create system image with mkuserimg_mke2fs: {}".format(
stdoutdata))
# Append the verity metadata.
verity_image_builder.Build(output_file)
def _BuildAndVerify(prop, verify_key):
verity_image_builder = CreateVerityImageBuilder(prop)
image_size = verity_image_builder.CalculateMaxImageSize()
# Build the sparse image with verity metadata.
input_dir = common.MakeTempDir()
image = common.MakeTempFile(suffix='.img')
cmd = ['mkuserimg_mke2fs', input_dir, image, 'ext4', '/system',
str(image_size), '-j', '0', '-s']
common.RunAndCheckOutput(cmd)
verity_image_builder.Build(image)
# Verify the verity metadata.
cmd = ['verity_verifier', image, '-mincrypt', verify_key]
common.RunAndCheckOutput(cmd)
def test_Build_SquashFs(self):
verity_image_builder = CreateVerityImageBuilder(self.DEFAULT_PROP_DICT)
verity_image_builder.CalculateMaxImageSize()
# Build the sparse image with verity metadata.
input_dir = common.MakeTempDir()
image = common.MakeTempFile(suffix='.img')
cmd = ['mksquashfsimage.sh', input_dir, image, '-s']
common.RunAndCheckOutput(cmd)
verity_image_builder.PadSparseImage(image)
verity_image_builder.Build(image)
# Verify the verity metadata.
cmd = ["verity_verifier", image, '-mincrypt',
os.path.join(get_testdata_dir(), 'testkey_mincrypt')]
common.RunAndCheckOutput(cmd)
def _GenerateImage(self):
partition_size = 1024 * 1024
prop_dict = {
'partition_size': str(partition_size),
'verity': 'true',
'verity_block_device': '/dev/block/system',
'verity_key': os.path.join(self.testdata_dir, 'testkey'),
'verity_fec': 'true',
'verity_signer_cmd': 'verity_signer',
}
verity_image_builder = CreateVerityImageBuilder(prop_dict)
self.assertIsNotNone(verity_image_builder)
adjusted_size = verity_image_builder.CalculateMaxImageSize()
raw_image = bytearray(adjusted_size)
for i in range(adjusted_size):
raw_image[i] = ord('0') + i % 10
output_file = self._CreateSimg(raw_image)
# Append the verity metadata.
verity_image_builder.Build(output_file)
return output_file