github.com/david-imola/snapd@v0.0.0-20210611180407-2de8ddeece6d/boot/export_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2014-2019 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package boot 21 22 import ( 23 "fmt" 24 25 "github.com/snapcore/snapd/asserts" 26 "github.com/snapcore/snapd/bootloader" 27 "github.com/snapcore/snapd/kernel/fde" 28 "github.com/snapcore/snapd/secboot" 29 "github.com/snapcore/snapd/seed" 30 "github.com/snapcore/snapd/snap" 31 "github.com/snapcore/snapd/timings" 32 ) 33 34 func NewCoreBootParticipant(s snap.PlaceInfo, t snap.Type, dev Device) *coreBootParticipant { 35 bs, err := bootStateFor(t, dev) 36 if err != nil { 37 panic(err) 38 } 39 return &coreBootParticipant{s: s, bs: bs} 40 } 41 42 func NewCoreKernel(s snap.PlaceInfo, d Device) *coreKernel { 43 return &coreKernel{s, bootloaderOptionsForDeviceKernel(d)} 44 } 45 46 type Trivial = trivial 47 48 func (m *Modeenv) WasRead() bool { 49 return m.read 50 } 51 52 func (m *Modeenv) DeepEqual(m2 *Modeenv) bool { 53 return m.deepEqual(m2) 54 } 55 56 var ( 57 ModeenvKnownKeys = modeenvKnownKeys 58 59 MarshalModeenvEntryTo = marshalModeenvEntryTo 60 UnmarshalModeenvValueFromCfg = unmarshalModeenvValueFromCfg 61 62 NewTrustedAssetsCache = newTrustedAssetsCache 63 64 ObserveSuccessfulBootWithAssets = observeSuccessfulBootAssets 65 SealKeyToModeenv = sealKeyToModeenv 66 ResealKeyToModeenv = resealKeyToModeenv 67 RecoveryBootChainsForSystems = recoveryBootChainsForSystems 68 SealKeyModelParams = sealKeyModelParams 69 70 BootVarsForTrustedCommandLineFromGadget = bootVarsForTrustedCommandLineFromGadget 71 ) 72 73 type BootAssetsMap = bootAssetsMap 74 type BootCommandLines = bootCommandLines 75 type TrackedAsset = trackedAsset 76 77 func (t *TrackedAsset) Equals(blName, name, hash string) error { 78 equal := t.hash == hash && 79 t.name == name && 80 t.blName == blName 81 if !equal { 82 return fmt.Errorf("not equal to bootloader %q tracked asset %v:%v", t.blName, t.name, t.hash) 83 } 84 return nil 85 } 86 87 func (o *TrustedAssetsInstallObserver) CurrentTrustedBootAssetsMap() BootAssetsMap { 88 return o.currentTrustedBootAssetsMap() 89 } 90 91 func (o *TrustedAssetsInstallObserver) CurrentTrustedRecoveryBootAssetsMap() BootAssetsMap { 92 return o.currentTrustedRecoveryBootAssetsMap() 93 } 94 95 func (o *TrustedAssetsInstallObserver) CurrentDataEncryptionKey() secboot.EncryptionKey { 96 return o.dataEncryptionKey 97 } 98 99 func (o *TrustedAssetsInstallObserver) CurrentSaveEncryptionKey() secboot.EncryptionKey { 100 return o.saveEncryptionKey 101 } 102 103 func MockSecbootSealKeys(f func(keys []secboot.SealKeyRequest, params *secboot.SealKeysParams) error) (restore func()) { 104 old := secbootSealKeys 105 secbootSealKeys = f 106 return func() { 107 secbootSealKeys = old 108 } 109 } 110 111 func MockSecbootSealKeysWithFDESetupHook(f func(runHook fde.RunSetupHookFunc, keys []secboot.SealKeyRequest, params *secboot.SealKeysWithFDESetupHookParams) error) (restore func()) { 112 old := secbootSealKeysWithFDESetupHook 113 secbootSealKeysWithFDESetupHook = f 114 return func() { 115 secbootSealKeysWithFDESetupHook = old 116 } 117 } 118 119 func MockSecbootResealKeys(f func(params *secboot.ResealKeysParams) error) (restore func()) { 120 old := secbootResealKeys 121 secbootResealKeys = f 122 return func() { 123 secbootResealKeys = old 124 } 125 } 126 127 func MockSeedReadSystemEssential(f func(seedDir, label string, essentialTypes []snap.Type, tm timings.Measurer) (*asserts.Model, []*seed.Snap, error)) (restore func()) { 128 old := seedReadSystemEssential 129 seedReadSystemEssential = f 130 return func() { 131 seedReadSystemEssential = old 132 } 133 } 134 135 func (o *TrustedAssetsUpdateObserver) InjectChangedAsset(blName, assetName, hash string, recovery bool) { 136 ta := &trackedAsset{ 137 blName: blName, 138 name: assetName, 139 hash: hash, 140 } 141 if !recovery { 142 o.changedAssets = append(o.changedAssets, ta) 143 } else { 144 o.seedChangedAssets = append(o.seedChangedAssets, ta) 145 } 146 } 147 148 type BootAsset = bootAsset 149 type BootChain = bootChain 150 type PredictableBootChains = predictableBootChains 151 152 const ( 153 BootChainEquivalent = bootChainEquivalent 154 BootChainDifferent = bootChainDifferent 155 BootChainUnrevisioned = bootChainUnrevisioned 156 ) 157 158 var ( 159 ToPredictableBootAsset = toPredictableBootAsset 160 ToPredictableBootChain = toPredictableBootChain 161 ToPredictableBootChains = toPredictableBootChains 162 PredictableBootChainsEqualForReseal = predictableBootChainsEqualForReseal 163 BootAssetsToLoadChains = bootAssetsToLoadChains 164 BootAssetLess = bootAssetLess 165 WriteBootChains = writeBootChains 166 ReadBootChains = readBootChains 167 IsResealNeeded = isResealNeeded 168 169 SetImageBootFlags = setImageBootFlags 170 NextBootFlags = nextBootFlags 171 SetNextBootFlags = setNextBootFlags 172 ) 173 174 func SetBootFlagsInBootloader(flags []string, rootDir string) error { 175 blVars := make(map[string]string, 1) 176 177 if err := setImageBootFlags(flags, blVars); err != nil { 178 return err 179 } 180 181 // now find the recovery bootloader in the system dir and set the value on 182 // it 183 opts := &bootloader.Options{ 184 Role: bootloader.RoleRecovery, 185 } 186 bl, err := bootloader.Find(rootDir, opts) 187 if err != nil { 188 return err 189 } 190 191 return bl.SetBootVars(blVars) 192 } 193 194 func (b *bootChain) SetModelAssertion(model *asserts.Model) { 195 b.model = model 196 } 197 198 func (b *bootChain) SetKernelBootFile(kbf bootloader.BootFile) { 199 b.kernelBootFile = kbf 200 } 201 202 func (b *bootChain) KernelBootFile() bootloader.BootFile { 203 return b.kernelBootFile 204 } 205 206 func MockHasFDESetupHook(f func() (bool, error)) (restore func()) { 207 oldHasFDESetupHook := HasFDESetupHook 208 HasFDESetupHook = f 209 return func() { 210 HasFDESetupHook = oldHasFDESetupHook 211 } 212 } 213 214 func MockRunFDESetupHook(f fde.RunSetupHookFunc) (restore func()) { 215 oldRunFDESetupHook := RunFDESetupHook 216 RunFDESetupHook = f 217 return func() { RunFDESetupHook = oldRunFDESetupHook } 218 } 219 220 func MockResealKeyToModeenvUsingFDESetupHook(f func(string, *asserts.Model, *Modeenv, bool) error) (restore func()) { 221 old := resealKeyToModeenvUsingFDESetupHook 222 resealKeyToModeenvUsingFDESetupHook = f 223 return func() { 224 resealKeyToModeenvUsingFDESetupHook = old 225 } 226 } 227 228 func MockAdditionalBootFlags(bootFlags []string) (restore func()) { 229 old := understoodBootFlags 230 understoodBootFlags = append(understoodBootFlags, bootFlags...) 231 return func() { 232 understoodBootFlags = old 233 } 234 }