1 // SPDX-License-Identifier: BSD-2-Clause-Patent
3 * test-sbat.c - test our sbat functions.
8 #include "sbat_var_defs.h"
27 static struct sbat_entry
*
28 create_mock_sbat_entry(const char* comp_name
, const char* comp_gen
,
29 const char* vend_name
, const char* vend_pkg_name
,
30 const char* vend_ver
, const char* vend_url
)
32 struct sbat_entry
*new_entry
= AllocatePool(sizeof(*new_entry
));
35 new_entry
->component_name
= comp_name
;
36 new_entry
->component_generation
= comp_gen
;
37 new_entry
->vendor_name
= vend_name
;
38 new_entry
->vendor_package_name
= vend_pkg_name
;
39 new_entry
->vendor_version
= vend_ver
;
40 new_entry
->vendor_url
= vend_url
;
45 free_mock_sbat_entry(struct sbat_entry
*entry
)
52 create_mock_sbat_one_entry(char* comp_name
, char* comp_gen
, char* vend_name
,
53 char* vend_pkg_name
, char* vend_ver
, char* vend_url
)
55 struct sbat
*new_entry
= AllocatePool(sizeof(*new_entry
));
58 struct sbat_entry
*test_entry
;
59 struct sbat_entry
**entries
= AllocatePool(sizeof(*entries
));
62 test_entry
= create_mock_sbat_entry(comp_name
, comp_gen
, vend_name
,
63 vend_pkg_name
, vend_ver
, vend_url
);
66 entries
[0] = test_entry
;
68 new_entry
->entries
= entries
;
73 create_mock_sbat_multiple_entries(struct sbat_entry
*entry_array
,
77 struct sbat
*new_entry
= AllocatePool(sizeof(*new_entry
));
80 struct sbat_entry
*test_entry
;
81 struct sbat_entry
**entries
= AllocatePool(num_elem
* sizeof(*entries
));
84 for (i
= 0; i
< num_elem
; i
++) {
85 test_entry
= create_mock_sbat_entry(entry_array
[i
].component_name
,
86 entry_array
[i
].component_generation
,
87 entry_array
[i
].vendor_name
,
88 entry_array
[i
].vendor_package_name
,
89 entry_array
[i
].vendor_version
,
90 entry_array
[i
].vendor_url
);
93 entries
[i
] = test_entry
;
95 new_entry
->size
= num_elem
;
96 new_entry
->entries
= entries
;
102 free_mock_sbat(struct sbat
*sbat
)
106 for (i
= 0; i
< sbat
->size
; i
++) {
107 if (sbat
->entries
[i
]) {
108 FreePool(sbat
->entries
[i
]);
115 static struct sbat_var
*
116 create_mock_sbat_var_entry(const char* comp_name
, const char* comp_gen
)
118 struct sbat_var
*new_entry
= AllocatePool(sizeof(*new_entry
));
121 INIT_LIST_HEAD(&new_entry
->list
);
122 int comp_name_size
= strlen(comp_name
) + 1;
123 CHAR8
*alloc_comp_name
= AllocatePool(comp_name_size
* sizeof(*alloc_comp_name
));
124 if (!alloc_comp_name
)
126 int comp_gen_size
= strlen(comp_gen
) + 1;
127 CHAR8
*alloc_comp_gen
= AllocatePool(comp_gen_size
* sizeof(*alloc_comp_gen
));
130 CopyMem(alloc_comp_name
, comp_name
, comp_name_size
);
131 CopyMem(alloc_comp_gen
, comp_gen
, comp_gen_size
);
132 new_entry
->component_name
= alloc_comp_name
;
133 new_entry
->component_generation
= alloc_comp_gen
;
138 create_mock_sbat_entries_one_entry(char* name
, char* gen
)
140 list_t
*test_sbat_entries
= AllocatePool(sizeof(*test_sbat_entries
));
141 if (!test_sbat_entries
)
143 INIT_LIST_HEAD(test_sbat_entries
);
144 struct sbat_var
*test_entry
;
145 test_entry
= create_mock_sbat_var_entry(name
, gen
);
148 list_add(&test_entry
->list
, test_sbat_entries
);
149 return test_sbat_entries
;
153 create_mock_sbat_entries_multiple_entries(struct sbat_var
*var_array
,
157 list_t
*test_sbat_entries
= AllocatePool(sizeof(*test_sbat_entries
));
158 if (!test_sbat_entries
)
160 INIT_LIST_HEAD(test_sbat_entries
);
161 struct sbat_var
*test_entry
;
162 for (i
= 0; i
< num_elem
; i
++) {
163 test_entry
= create_mock_sbat_var_entry(var_array
[i
].component_name
,
164 var_array
[i
].component_generation
);
167 list_add(&test_entry
->list
, test_sbat_entries
);
169 return test_sbat_entries
;
173 free_mock_sbat_entries(list_t
*entries
)
177 struct sbat_var
*entry
;
181 list_for_each_safe(pos
, n
, entries
)
183 entry
= list_entry(pos
, struct sbat_var
, list
);
184 list_del(&entry
->list
);
185 if (entry
->component_name
)
186 FreePool((CHAR8
*)entry
->component_name
);
187 if (entry
->component_generation
)
188 FreePool((CHAR8
*)entry
->component_generation
);
197 * parse_sbat_section() tests
200 test_parse_sbat_tiny(void)
202 char section_base
[] = "\0a\00";
203 size_t section_size
= 2;
204 struct sbat_section_entry
**entries
;
208 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
209 assert_equal_return(status
, EFI_SUCCESS
, -1, "got %#hhx expected %#hhx\n");
210 assert_equal_return(n
, 0, -1, "got %#hhx expected %#hhx\n");
216 test_parse_sbat_section_null_sbat_base(void)
218 char *section_base
= NULL
;
219 size_t section_size
= 20;
220 struct sbat_section_entry
**entries
;
224 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
225 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
231 test_parse_sbat_section_zero_sbat_size(void)
233 char section_base
[] = "test1,1,SBAT test1,acme,1,testURL\n";
234 size_t section_size
= 0;
235 struct sbat_section_entry
**entries
;
239 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
240 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
246 test_parse_sbat_section_null_entries(void)
248 char section_base
[] = "test1,1,SBAT test1,acme,1,testURL\n";
249 /* intentionally not NUL terminated */
250 size_t section_size
= sizeof(section_base
) - 1;
254 status
= parse_sbat_section(section_base
, section_size
, &n
, NULL
);
255 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
261 test_parse_sbat_section_null_count(void)
263 char section_base
[] = "test1,1,SBAT test1,acme,1,testURL\n";
264 /* intentionally not NUL terminated */
265 size_t section_size
= sizeof(section_base
) - 1;
266 struct sbat_section_entry
**entries
;
269 status
= parse_sbat_section(section_base
, section_size
, NULL
, &entries
);
270 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
276 test_parse_sbat_section_no_newline(void)
278 char section_base
[] = "test1,1,SBAT test1,acme,1,testURL";
279 /* intentionally not NUL terminated */
280 size_t section_size
= sizeof(section_base
) - 1;
281 struct sbat_section_entry
**entries
;
285 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
286 cleanup_sbat_section_entries(n
, entries
);
287 assert_equal_return(status
, EFI_SUCCESS
, -1, "got %#hhx expected %#hhx\n");
293 test_parse_sbat_section_no_commas(void)
295 char section_base
[] = "test1";
296 /* intentionally not NUL terminated */
297 size_t section_size
= sizeof(section_base
) - 1;
298 struct sbat_section_entry
**entries
;
302 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
303 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
309 test_parse_sbat_section_too_few_elem(void)
311 char section_base
[] = "test1,1,acme";
312 /* intentionally not NUL terminated */
313 size_t section_size
= sizeof(section_base
) - 1;
314 struct sbat_section_entry
**entries
;
318 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
319 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
325 test_parse_sbat_section_too_many_elem(void)
327 char section_base
[] = "test1,1,SBAT test1,acme1,1,testURL1,other1,stuff,is,here\n"
328 "test2,2,SBAT test2,acme2,2,testURL2,other2";
329 /* intentionally not NUL terminated */
330 size_t section_size
= sizeof(section_base
) - 1;
331 struct sbat_section_entry
**entries
;
335 struct sbat_section_entry test_section_entry1
= {
336 "test1", "1", "SBAT test1", "acme1", "1", "testURL1"
338 struct sbat_section_entry test_section_entry2
= {
339 "test2", "2", "SBAT test2", "acme2", "2", "testURL2"
341 struct sbat_section_entry
*test_entries
[] = {
342 &test_section_entry1
, &test_section_entry2
,
346 status
= parse_sbat_section(section_base
, section_size
, &n
, &entries
);
347 assert_equal_return(status
, EFI_SUCCESS
, -1, "got %#hhx expected %#hhx\n");
349 for (i
= 0; i
< n
; i
++) {
350 struct sbat_section_entry
*entry
= entries
[i
];
351 struct sbat_section_entry
*test_entry
= test_entries
[i
];
353 #define mkassert(a) \
354 assert_equal_goto(strcmp(entry-> a, test_entry-> a), 0, fail, \
355 "got %zu expected %d\n")
357 mkassert(component_name
);
358 mkassert(component_generation
);
359 mkassert(vendor_name
);
360 mkassert(vendor_package_name
);
361 mkassert(vendor_version
);
362 mkassert(vendor_url
);
366 assert_equal_goto(n
, 2, fail
, "got %zu expected %d\n");
369 cleanup_sbat_section_entries(n
, entries
);
374 * parse_sbat_var() tests
377 test_parse_sbat_var_null_list(void)
381 INIT_LIST_HEAD(&sbat_var
);
382 status
= parse_sbat_var(NULL
, NULL
);
383 cleanup_sbat_var(&sbat_var
);
384 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
390 test_parse_sbat_var_data_null_list(void)
392 char sbat_var_data
[] = "test1,1,2021022400";
394 * intentionally including the NUL termination, because
395 * get_variable() will always include it.
397 size_t sbat_var_data_size
= sizeof(sbat_var_data
);
400 INIT_LIST_HEAD(&sbat_var
);
401 status
= parse_sbat_var_data(NULL
, sbat_var_data
, sbat_var_data_size
);
402 cleanup_sbat_var(&sbat_var
);
404 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
410 test_parse_sbat_var_data_null_data(void)
412 size_t sbat_var_data_size
= 4;
415 INIT_LIST_HEAD(&sbat_var
);
416 status
= parse_sbat_var_data(&sbat_var
, NULL
, sbat_var_data_size
);
417 cleanup_sbat_var(&sbat_var
);
419 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
425 test_parse_sbat_var_data_zero_size(void)
427 char sbat_var_data
[] = "test1,1,2021022400";
430 INIT_LIST_HEAD(&sbat_var
);
431 status
= parse_sbat_var_data(&sbat_var
, sbat_var_data
, 0);
432 cleanup_sbat_var(&sbat_var
);
434 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
440 test_parse_sbat_var_data(void)
442 char sbat_var_data
[] = "test1,1,2021022400";
445 INIT_LIST_HEAD(&sbat_var
);
446 status
= parse_sbat_var_data(&sbat_var
, sbat_var_data
, 0);
448 assert_equal_return(status
, EFI_INVALID_PARAMETER
, -1, "got %#hhx expected %#hhx\n");
454 * verify_sbat() tests
455 * Note: verify_sbat also frees the underlying "sbat_entries" memory.
458 test_verify_sbat_null_sbat_section(void)
460 char sbat_var_data
[] = "test1,1";
462 list_t test_sbat_var
;
464 struct sbat_section_entry
**entries
= NULL
;
467 INIT_LIST_HEAD(&test_sbat_var
);
468 status
= parse_sbat_var_data(&test_sbat_var
, sbat_var_data
, sizeof(sbat_var_data
));
469 assert_equal_goto(status
, EFI_SUCCESS
, err
, "got %#x expected %#x\n");
471 status
= verify_sbat_helper(&test_sbat_var
, n
, entries
);
472 assert_equal_goto(status
, EFI_SUCCESS
, err
, "got %#x expected %#x\n");
475 cleanup_sbat_var(&test_sbat_var
);
482 test_verify_sbat_null_sbat_entries(void)
484 struct sbat
*test_sbat
;
485 test_sbat
= create_mock_sbat_one_entry("test1","1","SBAT test1",
486 "acme","1","testURL");
491 INIT_LIST_HEAD(&sbat_entries
);
494 status
= verify_sbat(test_sbat
, &sbat_entries
);
496 assert(status
== EFI_INVALID_PARAMETER
);
497 free_mock_sbat(test_sbat
);
502 test_verify_sbat_match_one_exact(void)
504 struct sbat
*test_sbat
;
505 struct sbat_entry sbat_entry_array
[2];
506 sbat_entry_array
[0].component_name
= "test1";
507 sbat_entry_array
[0].component_generation
= "1";
508 sbat_entry_array
[0].vendor_name
= "SBAT test1";
509 sbat_entry_array
[0].vendor_package_name
= "acme";
510 sbat_entry_array
[0].vendor_version
= "1";
511 sbat_entry_array
[0].vendor_url
= "testURL";
512 sbat_entry_array
[1].component_name
= "test2";
513 sbat_entry_array
[1].component_generation
= "2";
514 sbat_entry_array
[1].vendor_name
= "SBAT test2";
515 sbat_entry_array
[1].vendor_package_name
= "acme2";
516 sbat_entry_array
[1].vendor_version
= "2";
517 sbat_entry_array
[1].vendor_url
= "testURL2";
518 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
, 2);
522 list_t
*test_sbat_entries
;
523 test_sbat_entries
= create_mock_sbat_entries_one_entry("test1", "1");
524 if (!test_sbat_entries
)
528 status
= verify_sbat(test_sbat
, test_sbat_entries
);
530 assert(status
== EFI_SUCCESS
);
531 free_mock_sbat(test_sbat
);
532 free_mock_sbat_entries(test_sbat_entries
);
537 test_verify_sbat_match_one_higher(void)
539 struct sbat
*test_sbat
;
540 struct sbat_entry sbat_entry_array
[2];
541 sbat_entry_array
[0].component_name
= "test1";
542 sbat_entry_array
[0].component_generation
= "1";
543 sbat_entry_array
[0].vendor_name
= "SBAT test1";
544 sbat_entry_array
[0].vendor_package_name
= "acme";
545 sbat_entry_array
[0].vendor_version
= "1";
546 sbat_entry_array
[0].vendor_url
= "testURL";
547 sbat_entry_array
[1].component_name
= "test2";
548 sbat_entry_array
[1].component_generation
= "2";
549 sbat_entry_array
[1].vendor_name
= "SBAT test2";
550 sbat_entry_array
[1].vendor_package_name
= "acme2";
551 sbat_entry_array
[1].vendor_version
= "2";
552 sbat_entry_array
[1].vendor_url
= "testURL2";
553 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
, 2);
557 list_t
*test_sbat_entries
;
558 test_sbat_entries
= create_mock_sbat_entries_one_entry("test2", "1");
559 if (!test_sbat_entries
)
563 status
= verify_sbat(test_sbat
, test_sbat_entries
);
565 assert(status
== EFI_SUCCESS
);
566 free_mock_sbat(test_sbat
);
567 free_mock_sbat_entries(test_sbat_entries
);
572 test_verify_sbat_reject_one(void)
574 struct sbat
*test_sbat
;
575 struct sbat_entry sbat_entry_array
[2];
576 sbat_entry_array
[0].component_name
= "test1";
577 sbat_entry_array
[0].component_generation
= "1";
578 sbat_entry_array
[0].vendor_name
= "SBAT test1";
579 sbat_entry_array
[0].vendor_package_name
= "acme";
580 sbat_entry_array
[0].vendor_version
= "1";
581 sbat_entry_array
[0].vendor_url
= "testURL";
582 sbat_entry_array
[1].component_name
= "test2";
583 sbat_entry_array
[1].component_generation
= "2";
584 sbat_entry_array
[1].vendor_name
= "SBAT test2";
585 sbat_entry_array
[1].vendor_package_name
= "acme2";
586 sbat_entry_array
[1].vendor_version
= "2";
587 sbat_entry_array
[1].vendor_url
= "testURL2";
588 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
, 2);
592 list_t
*test_sbat_entries
;
593 test_sbat_entries
= create_mock_sbat_entries_one_entry("test2", "3");
594 if (!test_sbat_entries
)
598 status
= verify_sbat(test_sbat
, test_sbat_entries
);
600 assert(status
== EFI_SECURITY_VIOLATION
);
601 free_mock_sbat(test_sbat
);
602 free_mock_sbat_entries(test_sbat_entries
);
607 test_verify_sbat_reject_many(void)
609 struct sbat
*test_sbat
;
610 unsigned int sbat_entry_array_size
= 2;
611 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
612 sbat_entry_array
[0].component_name
= "test1";
613 sbat_entry_array
[0].component_generation
= "1";
614 sbat_entry_array
[0].vendor_name
= "SBAT test1";
615 sbat_entry_array
[0].vendor_package_name
= "acme";
616 sbat_entry_array
[0].vendor_version
= "1";
617 sbat_entry_array
[0].vendor_url
= "testURL";
618 sbat_entry_array
[1].component_name
= "test2";
619 sbat_entry_array
[1].component_generation
= "2";
620 sbat_entry_array
[1].vendor_name
= "SBAT test2";
621 sbat_entry_array
[1].vendor_package_name
= "acme2";
622 sbat_entry_array
[1].vendor_version
= "2";
623 sbat_entry_array
[1].vendor_url
= "testURL2";
624 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
625 sbat_entry_array_size
);
629 list_t
*test_sbat_entries
;
630 unsigned int sbat_var_array_size
= 2;
631 struct sbat_var sbat_var_array
[sbat_var_array_size
];
632 sbat_var_array
[0].component_name
= "test1";
633 sbat_var_array
[0].component_generation
= "1";
634 sbat_var_array
[1].component_name
= "test2";
635 sbat_var_array
[1].component_generation
= "3";
636 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
637 sbat_var_array_size
);
638 if (!test_sbat_entries
)
642 status
= verify_sbat(test_sbat
, test_sbat_entries
);
644 assert(status
== EFI_SECURITY_VIOLATION
);
645 free_mock_sbat(test_sbat
);
646 free_mock_sbat_entries(test_sbat_entries
);
651 test_verify_sbat_match_many_higher(void)
653 struct sbat
*test_sbat
;
654 unsigned int sbat_entry_array_size
= 2;
655 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
656 sbat_entry_array
[0].component_name
= "test1";
657 sbat_entry_array
[0].component_generation
= "3";
658 sbat_entry_array
[0].vendor_name
= "SBAT test1";
659 sbat_entry_array
[0].vendor_package_name
= "acme";
660 sbat_entry_array
[0].vendor_version
= "1";
661 sbat_entry_array
[0].vendor_url
= "testURL";
662 sbat_entry_array
[1].component_name
= "test2";
663 sbat_entry_array
[1].component_generation
= "5";
664 sbat_entry_array
[1].vendor_name
= "SBAT test2";
665 sbat_entry_array
[1].vendor_package_name
= "acme2";
666 sbat_entry_array
[1].vendor_version
= "2";
667 sbat_entry_array
[1].vendor_url
= "testURL2";
668 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
669 sbat_entry_array_size
);
673 list_t
*test_sbat_entries
;
674 unsigned int sbat_var_array_size
= 2;
675 struct sbat_var sbat_var_array
[sbat_var_array_size
];
676 sbat_var_array
[0].component_name
= "test1";
677 sbat_var_array
[0].component_generation
= "1";
678 sbat_var_array
[1].component_name
= "test2";
679 sbat_var_array
[1].component_generation
= "2";
680 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
681 sbat_var_array_size
);
682 if (!test_sbat_entries
)
686 status
= verify_sbat(test_sbat
, test_sbat_entries
);
688 assert(status
== EFI_SUCCESS
);
689 free_mock_sbat(test_sbat
);
690 free_mock_sbat_entries(test_sbat_entries
);
695 test_verify_sbat_match_many_exact(void)
697 struct sbat
*test_sbat
;
698 unsigned int sbat_entry_array_size
= 2;
699 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
700 sbat_entry_array
[0].component_name
= "test1";
701 sbat_entry_array
[0].component_generation
= "1";
702 sbat_entry_array
[0].vendor_name
= "SBAT test1";
703 sbat_entry_array
[0].vendor_package_name
= "acme";
704 sbat_entry_array
[0].vendor_version
= "1";
705 sbat_entry_array
[0].vendor_url
= "testURL";
706 sbat_entry_array
[1].component_name
= "test2";
707 sbat_entry_array
[1].component_generation
= "2";
708 sbat_entry_array
[1].vendor_name
= "SBAT test2";
709 sbat_entry_array
[1].vendor_package_name
= "acme2";
710 sbat_entry_array
[1].vendor_version
= "2";
711 sbat_entry_array
[1].vendor_url
= "testURL2";
712 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
713 sbat_entry_array_size
);
717 list_t
*test_sbat_entries
;
718 unsigned int sbat_var_array_size
= 2;
719 struct sbat_var sbat_var_array
[sbat_var_array_size
];
720 sbat_var_array
[0].component_name
= "test1";
721 sbat_var_array
[0].component_generation
= "1";
722 sbat_var_array
[1].component_name
= "test2";
723 sbat_var_array
[1].component_generation
= "2";
724 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
725 sbat_var_array_size
);
726 if (!test_sbat_entries
)
730 status
= verify_sbat(test_sbat
, test_sbat_entries
);
732 assert(status
== EFI_SUCCESS
);
733 free_mock_sbat(test_sbat
);
734 free_mock_sbat_entries(test_sbat_entries
);
739 test_verify_sbat_reject_many_all(void)
741 struct sbat
*test_sbat
;
742 unsigned int sbat_entry_array_size
= 2;
743 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
744 sbat_entry_array
[0].component_name
= "test1";
745 sbat_entry_array
[0].component_generation
= "1";
746 sbat_entry_array
[0].vendor_name
= "SBAT test1";
747 sbat_entry_array
[0].vendor_package_name
= "acme";
748 sbat_entry_array
[0].vendor_version
= "1";
749 sbat_entry_array
[0].vendor_url
= "testURL";
750 sbat_entry_array
[1].component_name
= "test2";
751 sbat_entry_array
[1].component_generation
= "2";
752 sbat_entry_array
[1].vendor_name
= "SBAT test2";
753 sbat_entry_array
[1].vendor_package_name
= "acme2";
754 sbat_entry_array
[1].vendor_version
= "2";
755 sbat_entry_array
[1].vendor_url
= "testURL2";
756 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
757 sbat_entry_array_size
);
761 list_t
*test_sbat_entries
;
762 unsigned int sbat_var_array_size
= 2;
763 struct sbat_var sbat_var_array
[sbat_var_array_size
];
764 sbat_var_array
[0].component_name
= "test1";
765 sbat_var_array
[0].component_generation
= "3";
766 sbat_var_array
[1].component_name
= "test2";
767 sbat_var_array
[1].component_generation
= "5";
768 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
769 sbat_var_array_size
);
770 if (!test_sbat_entries
)
774 status
= verify_sbat(test_sbat
, test_sbat_entries
);
776 assert(status
== EFI_SECURITY_VIOLATION
);
777 free_mock_sbat(test_sbat
);
778 free_mock_sbat_entries(test_sbat_entries
);
783 test_verify_sbat_match_diff_name(void)
785 struct sbat
*test_sbat
;
786 unsigned int sbat_entry_array_size
= 2;
787 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
788 sbat_entry_array
[0].component_name
= "test1";
789 sbat_entry_array
[0].component_generation
= "1";
790 sbat_entry_array
[0].vendor_name
= "SBAT test1";
791 sbat_entry_array
[0].vendor_package_name
= "acme";
792 sbat_entry_array
[0].vendor_version
= "1";
793 sbat_entry_array
[0].vendor_url
= "testURL";
794 sbat_entry_array
[1].component_name
= "test2";
795 sbat_entry_array
[1].component_generation
= "2";
796 sbat_entry_array
[1].vendor_name
= "SBAT test2";
797 sbat_entry_array
[1].vendor_package_name
= "acme2";
798 sbat_entry_array
[1].vendor_version
= "2";
799 sbat_entry_array
[1].vendor_url
= "testURL2";
800 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
801 sbat_entry_array_size
);
805 list_t
*test_sbat_entries
;
806 unsigned int sbat_var_array_size
= 2;
807 struct sbat_var sbat_var_array
[sbat_var_array_size
];
808 sbat_var_array
[0].component_name
= "foo";
809 sbat_var_array
[0].component_generation
= "5";
810 sbat_var_array
[1].component_name
= "bar";
811 sbat_var_array
[1].component_generation
= "2";
812 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
813 sbat_var_array_size
);
814 if (!test_sbat_entries
)
818 status
= verify_sbat(test_sbat
, test_sbat_entries
);
820 assert(status
== EFI_SUCCESS
);
821 free_mock_sbat(test_sbat
);
822 free_mock_sbat_entries(test_sbat_entries
);
827 test_verify_sbat_match_diff_name_mixed(void)
829 struct sbat
*test_sbat
;
830 unsigned int sbat_entry_array_size
= 2;
831 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
832 sbat_entry_array
[0].component_name
= "test1";
833 sbat_entry_array
[0].component_generation
= "1";
834 sbat_entry_array
[0].vendor_name
= "SBAT test1";
835 sbat_entry_array
[0].vendor_package_name
= "acme";
836 sbat_entry_array
[0].vendor_version
= "1";
837 sbat_entry_array
[0].vendor_url
= "testURL";
838 sbat_entry_array
[1].component_name
= "test2";
839 sbat_entry_array
[1].component_generation
= "2";
840 sbat_entry_array
[1].vendor_name
= "SBAT test2";
841 sbat_entry_array
[1].vendor_package_name
= "acme2";
842 sbat_entry_array
[1].vendor_version
= "2";
843 sbat_entry_array
[1].vendor_url
= "testURL2";
844 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
845 sbat_entry_array_size
);
849 list_t
*test_sbat_entries
;
850 unsigned int sbat_var_array_size
= 2;
851 struct sbat_var sbat_var_array
[sbat_var_array_size
];
852 sbat_var_array
[0].component_name
= "test1";
853 sbat_var_array
[0].component_generation
= "1";
854 sbat_var_array
[1].component_name
= "bar";
855 sbat_var_array
[1].component_generation
= "2";
856 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
857 sbat_var_array_size
);
858 if (!test_sbat_entries
)
862 status
= verify_sbat(test_sbat
, test_sbat_entries
);
864 assert(status
== EFI_SUCCESS
);
865 free_mock_sbat(test_sbat
);
866 free_mock_sbat_entries(test_sbat_entries
);
871 test_verify_sbat_reject_diff_name_mixed(void)
873 struct sbat
*test_sbat
;
874 unsigned int sbat_entry_array_size
= 2;
875 struct sbat_entry sbat_entry_array
[sbat_entry_array_size
];
876 sbat_entry_array
[0].component_name
= "test1";
877 sbat_entry_array
[0].component_generation
= "1";
878 sbat_entry_array
[0].vendor_name
= "SBAT test1";
879 sbat_entry_array
[0].vendor_package_name
= "acme";
880 sbat_entry_array
[0].vendor_version
= "1";
881 sbat_entry_array
[0].vendor_url
= "testURL";
882 sbat_entry_array
[1].component_name
= "test2";
883 sbat_entry_array
[1].component_generation
= "2";
884 sbat_entry_array
[1].vendor_name
= "SBAT test2";
885 sbat_entry_array
[1].vendor_package_name
= "acme2";
886 sbat_entry_array
[1].vendor_version
= "2";
887 sbat_entry_array
[1].vendor_url
= "testURL2";
888 test_sbat
= create_mock_sbat_multiple_entries(sbat_entry_array
,
889 sbat_entry_array_size
);
893 list_t
*test_sbat_entries
;
894 unsigned int sbat_var_array_size
= 2;
895 struct sbat_var sbat_var_array
[sbat_var_array_size
];
896 sbat_var_array
[0].component_name
= "test1";
897 sbat_var_array
[0].component_generation
= "5";
898 sbat_var_array
[1].component_name
= "bar";
899 sbat_var_array
[1].component_generation
= "2";
900 test_sbat_entries
= create_mock_sbat_entries_multiple_entries(sbat_var_array
,
901 sbat_var_array_size
);
902 if (!test_sbat_entries
)
906 status
= verify_sbat(test_sbat
, test_sbat_entries
);
908 assert(status
== EFI_SECURITY_VIOLATION
);
909 free_mock_sbat(test_sbat
);
910 free_mock_sbat_entries(test_sbat_entries
);
916 test_parse_and_verify(void)
919 char sbat_section
[] =
920 "test1,1,SBAT test1,acme1,1,testURL1\n"
921 "test2,2,SBAT test2,acme2,2,testURL2\n";
922 struct sbat_section_entry
**section_entries
= NULL
;
923 size_t n_section_entries
= 0, i
;
924 struct sbat_section_entry test_section_entry1
= {
925 "test1", "1", "SBAT test1", "acme1", "1", "testURL1"
927 struct sbat_section_entry test_section_entry2
= {
928 "test2", "2", "SBAT test2", "acme2", "2", "testURL2"
930 struct sbat_section_entry
*test_entries
[] = {
931 &test_section_entry1
, &test_section_entry2
,
935 status
= parse_sbat_section(sbat_section
, sizeof(sbat_section
)-1,
936 &n_section_entries
, §ion_entries
);
937 eassert(status
== EFI_SUCCESS
, "expected %d got %d\n",
938 EFI_SUCCESS
, status
);
939 eassert(section_entries
!= NULL
, "expected non-NULL got NULL\n");
941 for (i
= 0; i
< n_section_entries
; i
++) {
942 struct sbat_section_entry
*entry
= section_entries
[i
];
943 struct sbat_section_entry
*test_entry
= test_entries
[i
];
945 #define mkassert(a) \
946 eassert(strcmp(entry-> a, test_entry-> a) == 0, \
947 "expected \"%s\" got \"%s\"\n", \
948 test_entry-> a, entry-> a )
950 mkassert(component_name
);
951 mkassert(component_generation
);
952 mkassert(vendor_name
);
953 mkassert(vendor_package_name
);
954 mkassert(vendor_version
);
955 mkassert(vendor_url
);
960 eassert(n_section_entries
== 2, "expected %d got %d\n",
961 2, n_section_entries
);
963 char sbat_var_data
[] = "test1,5\nbar,2\n";
964 size_t sbat_var_data_size
= sizeof(sbat_var_data
);
965 char *sbat_var_alloced
= calloc(1, sbat_var_data_size
);
966 if (!sbat_var_alloced
)
968 memcpy(sbat_var_alloced
, sbat_var_data
, sbat_var_data_size
);
970 INIT_LIST_HEAD(&sbat_var
);
971 status
= parse_sbat_var_data(&sbat_var
, sbat_var_alloced
, sbat_var_data_size
);
972 free(sbat_var_alloced
);
973 if (status
!= EFI_SUCCESS
|| list_empty(&sbat_var
))
976 status
= verify_sbat(n_section_entries
, section_entries
);
977 assert_equal_goto(status
, EFI_SECURITY_VIOLATION
, err
, "expected %#x got %#x\n");
981 cleanup_sbat_section_entries(n_section_entries
, section_entries
);
982 cleanup_sbat_var(&sbat_var
);
988 test_preserve_sbat_uefi_variable_good(void)
990 char sbat
[] = "sbat,1,2021030218\ncomponent,2,\n";
991 char sbatvar
[] = "sbat,1,2021030218\ncomponent,2,\n";
992 size_t sbat_size
= sizeof(sbat
);
993 UINT32 attributes
= SBAT_VAR_ATTRS
;
995 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1002 test_preserve_sbat_uefi_variable_version_newer(void)
1004 char sbat
[] = "sbat,2,2022030218\ncomponent,2,\n";
1005 char sbatvar
[] = "sbat,1,2021030218\ncomponent,2,\n";
1006 size_t sbat_size
= sizeof(sbat
);
1007 UINT32 attributes
= SBAT_VAR_ATTRS
;
1009 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1016 test_preserve_sbat_uefi_variable_version_newerlonger(void)
1018 char sbat
[] = "sbat,10,2022030218\ncomponent,2,\n";
1019 char sbatvar
[] = "sbat,2,2021030218\ncomponent,2,\n";
1020 size_t sbat_size
= sizeof(sbat
);
1021 UINT32 attributes
= SBAT_VAR_ATTRS
;
1023 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1030 test_preserve_sbat_uefi_variable_version_older(void)
1032 char sbat
[] = "sbat,1,2021030218\ncomponent,2,\n";
1033 char sbatvar
[] = "sbat,2,2022030218\ncomponent,2,\n";
1034 size_t sbat_size
= sizeof(sbat
);
1035 UINT32 attributes
= SBAT_VAR_ATTRS
;
1037 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1044 test_preserve_sbat_uefi_variable_version_olderlonger(void)
1046 char sbat
[] = "sbat,2,2021030218\ncomponent,2,\n";
1047 char sbatvar
[] = "sbat,10,2022030218\ncomponent,2,\n";
1048 size_t sbat_size
= sizeof(sbat
);
1049 UINT32 attributes
= SBAT_VAR_ATTRS
;
1051 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1059 test_preserve_sbat_uefi_variable_newer(void)
1061 char sbat
[] = "sbat,1,2021030218\ncomponent,2,\n";
1062 char sbatvar
[] = "sbat,1,2025030218\ncomponent,5,\ncomponent,3";
1063 size_t sbat_size
= sizeof(sbat
);
1064 UINT32 attributes
= SBAT_VAR_ATTRS
;
1066 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1072 test_preserve_sbat_uefi_variable_older(void)
1074 char sbat
[] = "sbat,1,2025030218\ncomponent,2,\ncomponent,3";
1075 char sbatvar
[] = "sbat,1,2020030218\ncomponent,1,\n";
1076 size_t sbat_size
= sizeof(sbat
);
1077 UINT32 attributes
= SBAT_VAR_ATTRS
;
1079 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1086 test_preserve_sbat_uefi_variable_bad_sig(void)
1088 char sbat
[] = "bad_sig,1,2021030218\ncomponent,2,\n";
1089 char sbatvar
[] = "sbat,1,2021030218\n";
1090 size_t sbat_size
= sizeof(sbat
);
1091 UINT32 attributes
= SBAT_VAR_ATTRS
;
1093 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1100 test_preserve_sbat_uefi_variable_bad_attr(void)
1102 char sbat
[] = "sbat,1,2021030218\ncomponent,2,\n";
1103 char sbatvar
[] = "sbat,1,2021030218\n";
1104 size_t sbat_size
= sizeof(sbat
);
1105 UINT32 attributes
= 0;
1107 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1114 test_preserve_sbat_uefi_variable_bad_short(void)
1116 char sbat
[] = "sba";
1117 char sbatvar
[] = "sbat,1,2021030218\n";
1118 size_t sbat_size
= sizeof(sbat
);
1119 UINT32 attributes
= SBAT_VAR_ATTRS
;
1121 if (preserve_sbat_uefi_variable(sbat
, sbat_size
, attributes
, sbatvar
))
1128 test_sbat_var_asciz(void)
1131 char buf
[1024] = "";
1133 UINTN size
= sizeof(buf
);
1134 char expected
[] = SBAT_VAR_AUTOMATIC
;
1136 status
= set_sbat_uefi_variable(SBAT_VAR_AUTOMATIC
, SBAT_VAR_AUTOMATIC
);
1137 if (status
!= EFI_SUCCESS
)
1140 status
= RT
->GetVariable(SBAT_VAR_NAME
, &SHIM_LOCK_GUID
, &attrs
, &size
, buf
);
1141 if (status
!= EFI_SUCCESS
)
1145 * this should be enough to get past "sbat,", which handles the
1148 if (size
< (strlen(SBAT_VAR_SIG
) + 2) || size
!= strlen(expected
))
1151 if (strncmp(expected
, buf
, size
) != 0)
1162 // parse_sbat section tests
1163 test(test_parse_sbat_tiny
);
1164 test(test_parse_sbat_section_null_sbat_base
);
1165 test(test_parse_sbat_section_zero_sbat_size
);
1166 test(test_parse_sbat_section_null_entries
);
1167 test(test_parse_sbat_section_null_count
);
1168 test(test_parse_sbat_section_no_newline
);
1169 test(test_parse_sbat_section_no_commas
);
1170 test(test_parse_sbat_section_too_few_elem
);
1171 test(test_parse_sbat_section_too_many_elem
);
1173 // parse_sbat_var tests
1174 test(test_parse_sbat_var_null_list
);
1175 test(test_parse_sbat_var_data_null_list
);
1176 test(test_parse_sbat_var_data_null_data
);
1177 test(test_parse_sbat_var_data_zero_size
);
1179 // verify_sbat tests
1180 test(test_verify_sbat_null_sbat_section
);
1182 test(test_verify_sbat_null_sbat_entries
);
1183 test(test_verify_sbat_match_one_exact
);
1184 test(test_verify_sbat_match_one_higher
);
1185 test(test_verify_sbat_reject_one
);
1186 test(test_verify_sbat_reject_many
);
1187 test(test_verify_sbat_match_many_higher
);
1188 test(test_verify_sbat_match_many_exact
);
1189 test(test_verify_sbat_reject_many_all
);
1190 test(test_verify_sbat_match_diff_name
);
1191 test(test_verify_sbat_match_diff_name_mixed
);
1192 test(test_verify_sbat_reject_diff_name_mixed
);
1194 test(test_parse_and_verify
);
1196 test(test_preserve_sbat_uefi_variable_good
);
1197 test(test_preserve_sbat_uefi_variable_newer
);
1198 test(test_preserve_sbat_uefi_variable_older
);
1199 test(test_preserve_sbat_uefi_variable_bad_sig
);
1200 test(test_preserve_sbat_uefi_variable_bad_attr
);
1201 test(test_preserve_sbat_uefi_variable_bad_short
);
1202 test(test_preserve_sbat_uefi_variable_version_newer
);
1203 test(test_preserve_sbat_uefi_variable_version_newerlonger
);
1204 test(test_preserve_sbat_uefi_variable_version_older
);
1205 test(test_preserve_sbat_uefi_variable_version_olderlonger
);
1207 test(test_sbat_var_asciz
);
1212 // vim:fenc=utf-8:tw=75:noet