github.com/Lephar/snapd@v0.0.0-20210825215435-c7fba9cef4d2/boot/export_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2014-2019 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package boot 21 22 import ( 23 "fmt" 24 25 "github.com/snapcore/snapd/asserts" 26 "github.com/snapcore/snapd/bootloader" 27 "github.com/snapcore/snapd/kernel/fde" 28 "github.com/snapcore/snapd/secboot" 29 "github.com/snapcore/snapd/seed" 30 "github.com/snapcore/snapd/snap" 31 "github.com/snapcore/snapd/timings" 32 ) 33 34 func NewCoreBootParticipant(s snap.PlaceInfo, t snap.Type, dev Device) *coreBootParticipant { 35 bs, err := bootStateFor(t, dev) 36 if err != nil { 37 panic(err) 38 } 39 return &coreBootParticipant{s: s, bs: bs} 40 } 41 42 func NewCoreKernel(s snap.PlaceInfo, d Device) *coreKernel { 43 return &coreKernel{s, bootloaderOptionsForDeviceKernel(d)} 44 } 45 46 type Trivial = trivial 47 48 func (m *Modeenv) WasRead() bool { 49 return m.read 50 } 51 52 func (m *Modeenv) DeepEqual(m2 *Modeenv) bool { 53 return m.deepEqual(m2) 54 } 55 56 var ( 57 ModeenvKnownKeys = modeenvKnownKeys 58 59 MarshalModeenvEntryTo = marshalModeenvEntryTo 60 UnmarshalModeenvValueFromCfg = unmarshalModeenvValueFromCfg 61 62 NewTrustedAssetsCache = newTrustedAssetsCache 63 64 ObserveSuccessfulBootWithAssets = observeSuccessfulBootAssets 65 SealKeyToModeenv = sealKeyToModeenv 66 ResealKeyToModeenv = resealKeyToModeenv 67 RecoveryBootChainsForSystems = recoveryBootChainsForSystems 68 SealKeyModelParams = sealKeyModelParams 69 70 BootVarsForTrustedCommandLineFromGadget = bootVarsForTrustedCommandLineFromGadget 71 72 WriteModelToUbuntuBoot = writeModelToUbuntuBoot 73 ) 74 75 type BootAssetsMap = bootAssetsMap 76 type BootCommandLines = bootCommandLines 77 type TrackedAsset = trackedAsset 78 79 func (t *TrackedAsset) Equals(blName, name, hash string) error { 80 equal := t.hash == hash && 81 t.name == name && 82 t.blName == blName 83 if !equal { 84 return fmt.Errorf("not equal to bootloader %q tracked asset %v:%v", t.blName, t.name, t.hash) 85 } 86 return nil 87 } 88 89 func (o *TrustedAssetsInstallObserver) CurrentTrustedBootAssetsMap() BootAssetsMap { 90 return o.currentTrustedBootAssetsMap() 91 } 92 93 func (o *TrustedAssetsInstallObserver) CurrentTrustedRecoveryBootAssetsMap() BootAssetsMap { 94 return o.currentTrustedRecoveryBootAssetsMap() 95 } 96 97 func (o *TrustedAssetsInstallObserver) CurrentDataEncryptionKey() secboot.EncryptionKey { 98 return o.dataEncryptionKey 99 } 100 101 func (o *TrustedAssetsInstallObserver) CurrentSaveEncryptionKey() secboot.EncryptionKey { 102 return o.saveEncryptionKey 103 } 104 105 func MockSecbootSealKeys(f func(keys []secboot.SealKeyRequest, params *secboot.SealKeysParams) error) (restore func()) { 106 old := secbootSealKeys 107 secbootSealKeys = f 108 return func() { 109 secbootSealKeys = old 110 } 111 } 112 113 func MockSecbootSealKeysWithFDESetupHook(f func(runHook fde.RunSetupHookFunc, keys []secboot.SealKeyRequest, params *secboot.SealKeysWithFDESetupHookParams) error) (restore func()) { 114 old := secbootSealKeysWithFDESetupHook 115 secbootSealKeysWithFDESetupHook = f 116 return func() { 117 secbootSealKeysWithFDESetupHook = old 118 } 119 } 120 121 func MockSeedReadSystemEssential(f func(seedDir, label string, essentialTypes []snap.Type, tm timings.Measurer) (*asserts.Model, []*seed.Snap, error)) (restore func()) { 122 old := seedReadSystemEssential 123 seedReadSystemEssential = f 124 return func() { 125 seedReadSystemEssential = old 126 } 127 } 128 129 func (o *TrustedAssetsUpdateObserver) InjectChangedAsset(blName, assetName, hash string, recovery bool) { 130 ta := &trackedAsset{ 131 blName: blName, 132 name: assetName, 133 hash: hash, 134 } 135 if !recovery { 136 o.changedAssets = append(o.changedAssets, ta) 137 } else { 138 o.seedChangedAssets = append(o.seedChangedAssets, ta) 139 } 140 } 141 142 type BootAsset = bootAsset 143 type BootChain = bootChain 144 type PredictableBootChains = predictableBootChains 145 146 const ( 147 BootChainEquivalent = bootChainEquivalent 148 BootChainDifferent = bootChainDifferent 149 BootChainUnrevisioned = bootChainUnrevisioned 150 ) 151 152 var ( 153 ToPredictableBootAsset = toPredictableBootAsset 154 ToPredictableBootChain = toPredictableBootChain 155 ToPredictableBootChains = toPredictableBootChains 156 PredictableBootChainsEqualForReseal = predictableBootChainsEqualForReseal 157 BootAssetsToLoadChains = bootAssetsToLoadChains 158 BootAssetLess = bootAssetLess 159 WriteBootChains = writeBootChains 160 ReadBootChains = readBootChains 161 IsResealNeeded = isResealNeeded 162 163 SetImageBootFlags = setImageBootFlags 164 NextBootFlags = nextBootFlags 165 SetNextBootFlags = setNextBootFlags 166 167 ModelUniqueID = modelUniqueID 168 ) 169 170 func SetBootFlagsInBootloader(flags []string, rootDir string) error { 171 blVars := make(map[string]string, 1) 172 173 if err := setImageBootFlags(flags, blVars); err != nil { 174 return err 175 } 176 177 // now find the recovery bootloader in the system dir and set the value on 178 // it 179 opts := &bootloader.Options{ 180 Role: bootloader.RoleRecovery, 181 } 182 bl, err := bootloader.Find(rootDir, opts) 183 if err != nil { 184 return err 185 } 186 187 return bl.SetBootVars(blVars) 188 } 189 190 func (b *bootChain) SecbootModelForSealing() secboot.ModelForSealing { 191 return b.modelForSealing() 192 } 193 194 func (b *bootChain) SetKernelBootFile(kbf bootloader.BootFile) { 195 b.kernelBootFile = kbf 196 } 197 198 func (b *bootChain) KernelBootFile() bootloader.BootFile { 199 return b.kernelBootFile 200 } 201 202 func MockHasFDESetupHook(f func() (bool, error)) (restore func()) { 203 oldHasFDESetupHook := HasFDESetupHook 204 HasFDESetupHook = f 205 return func() { 206 HasFDESetupHook = oldHasFDESetupHook 207 } 208 } 209 210 func MockRunFDESetupHook(f fde.RunSetupHookFunc) (restore func()) { 211 oldRunFDESetupHook := RunFDESetupHook 212 RunFDESetupHook = f 213 return func() { RunFDESetupHook = oldRunFDESetupHook } 214 } 215 216 func MockResealKeyToModeenvUsingFDESetupHook(f func(string, *Modeenv, bool) error) (restore func()) { 217 old := resealKeyToModeenvUsingFDESetupHook 218 resealKeyToModeenvUsingFDESetupHook = f 219 return func() { 220 resealKeyToModeenvUsingFDESetupHook = old 221 } 222 } 223 224 func MockAdditionalBootFlags(bootFlags []string) (restore func()) { 225 old := understoodBootFlags 226 understoodBootFlags = append(understoodBootFlags, bootFlags...) 227 return func() { 228 understoodBootFlags = old 229 } 230 } 231 232 func MockWriteModelToUbuntuBoot(mock func(*asserts.Model) error) (restore func()) { 233 old := writeModelToUbuntuBoot 234 writeModelToUbuntuBoot = mock 235 return func() { 236 writeModelToUbuntuBoot = old 237 } 238 }