mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-07 13:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
cf8be2c320
flatcar-scripts/security_test_image
Mike Frysinger 3a70d67b7f security_test_image: new signer test script 
Add a script so devs can run signer security tests themselves to
make sure they don't break them.

BUG=chromium-os:19543
TEST=`cbuildbot lumpy-release` passed and ran signer tests

Change-Id: I68cc3ec19616be3c91a1a14550cb38c2e6f2503d
Reviewed-on: https://gerrit.chromium.org/gerrit/34326
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
2012-10-02 16:45:18 -07:00

113 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
CROS_LOG_PREFIX=${0##*/}
SCRIPT_ROOT=$(dirname "$(readlink -f "$0")")
. "${SCRIPT_ROOT}/build_library/build_common.sh" || exit 1
# Developer-visible flags.
DEFINE_string board "${DEFAULT_BOARD}" \
"The board to build an image for."
DEFINE_string image "" \
"Source release image to use (${CHROMEOS_RECOVERY_IMAGE_NAME} by default)."
DEFINE_string baselines "" \
"Directory to load security baselines from (default from cros-signing)"
FLAGS_HELP="USAGE: security_test_image [flags]
This script is used to run security tests on a Chrome OS images.
Note: You probably will need an internal checkout by default for these
tests to be useful. You can provide your own baselines, but you
can certainly provide your own set of configs.
Note: These tests will fail on dev images. They are designed to
check recovery images only.
"
show_help_if_requested "$@"
# Parse command line.
FLAGS "$@" || exit 1
eval set -- "${FLAGS_ARGV}"
# Only now can we die on error. shflags functions leak non-zero error codes,
# so will die prematurely if 'switch_to_strict_mode' is specified before now.
switch_to_strict_mode
SIGNER_DIR="${CHROOT_TRUNK_DIR}/cros-signing"
SIGNING_TOOLS_DIR="${SIGNER_DIR}/signer/signingtools-bin"
SECURITY_BASELINE_DIR="${SIGNER_DIR}/security_test_baselines"
VBOOT_DIR="${CHROOT_TRUNK_DIR}/src/platform/vboot_reference/scripts/"\
"image_signing"
# No security baselines provided. Use the standard one.
if [[ -z ${FLAGS_baselines} ]]; then
FLAGS_baselines=${SECURITY_BASELINE_DIR}
if [[ ! -d ${FLAGS_baselines} ]]; then
if [[ ! -d ${SIGNER_DIR} ]]; then
warn "Skipping security tests with public manifest"
exit 0
else
die "Could not locate security baselines from" \
"${FLAGS_baselines} with private manifest"
fi
fi
fi
info "Loading baselines from ${FLAGS_baselines}"
# No image was provided. Use the standard latest image.
if [[ -z ${FLAGS_image} ]]; then
DEFAULT_IMAGE_DIR=$("${SCRIPT_ROOT}"/get_latest_image.sh \
--board="${FLAGS_board}")
FLAGS_image="${DEFAULT_IMAGE_DIR}/${CHROMEOS_RECOVERY_IMAGE_NAME}"
fi
info "Using ${FLAGS_image}"
# The signer uses these binaries, so we should too.
PATH="${SIGNING_TOOLS_DIR}:${PATH}"
# Run all the security tests.
failed_count=0
run_check() {
local cmd=(
"${VBOOT_DIR}/ensure_$1.sh"
"${FLAGS_image}"
)
if [[ $# -ge 2 ]]; then
cmd+=( "${FLAGS_baselines}/ensure_$1.config" )
fi
info "Running ensure_$1.sh"
if ! "${cmd[@]}"; then
error "$1: test failed"
: $(( ++failed_count ))
fi
}
sec_checks=(
no_nonrelease_files
sane_lsb-release
secure_kernelparams
)
for check in "${sec_checks[@]}"; do
run_check "${check}" "${check}"
done
sec_checks=(
not_ASAN
# This test requires an update key to be inserted
# first which the signer itself currently does.
#update_verification
)
for check in "${sec_checks[@]}"; do
run_check "${check}"
done
if [[ ${failed_count} -gt 0 ]]; then
die_notrace "${failed_count} tests failed"
else
info "All tests passed!"
fi
Reference in New Issue View Git Blame Copy Permalink