| # Copyright 2014 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import gobject, os, shutil |
| from dbus.mainloop.glib import DBusGMainLoop |
| |
| from autotest_lib.client.bin import test, utils |
| from autotest_lib.client.common_lib import error |
| from autotest_lib.client.common_lib.cros import chrome, session_manager |
| from autotest_lib.client.cros import constants, cros_ui, ownership |
| |
| |
| def set_block_devmode(value): |
| try: |
| utils.system('crossystem block_devmode=%d' % (1 if value else 0)) |
| except error.CmdError, e: |
| raise error.TestError('Failed to run crossystem: %s' % e) |
| |
| |
| def get_block_devmode(): |
| try: |
| return utils.system_output('crossystem block_devmode') == '1' |
| except error.CmdError, e: |
| raise error.TestError('Failed to run crossystem: %s' % e) |
| |
| |
| class platform_SessionManagerBlockDevmodeSetting(test.test): |
| """Verifies that session_manager updates the block_devmode flag to be in |
| sync with the corresponding device setting.""" |
| version = 1 |
| |
| def initialize(self): |
| super(platform_SessionManagerBlockDevmodeSetting, self).initialize() |
| ownership.restart_ui_to_clear_ownership_files() |
| self._bus_loop = DBusGMainLoop(set_as_default=True) |
| |
| |
| def run_once(self): |
| try: |
| if utils.system_output('crossystem mainfw_type') == 'nonchrome': |
| raise error.TestNAError( |
| 'State key generation only works on Chrome OS hardware') |
| except error.CmdError, e: |
| raise error.TestError('Failed to run crossystem: %s' % e) |
| |
| # Make sure that the flag sticks when there is no owner. |
| set_block_devmode(True) |
| cros_ui.restart() |
| cros_ui.stop() |
| if not get_block_devmode(): |
| raise error.TestFail("Flag got reset for non-owned device.") |
| |
| # Test whether the flag gets reset when taking ownership. |
| listener = session_manager.OwnershipSignalListener(gobject.MainLoop()) |
| listener.listen_for_new_key_and_policy() |
| with chrome.Chrome() as cr: |
| listener.wait_for_signals(desc='Ownership files written to disk.') |
| if get_block_devmode(): |
| raise error.TestFail( |
| "Flag not clear after ownership got established.") |
| |
| # Put a new owner key and policy blob in place, the latter of which |
| # specifies block_devmode=true. |
| cros_ui.stop(allow_fail=True) |
| shutil.copyfile( |
| os.path.join(self.bindir, 'owner.key'), constants.OWNER_KEY_FILE) |
| shutil.copyfile( |
| os.path.join(self.bindir, 'policy_block_devmode_enabled'), |
| constants.SIGNED_POLICY_FILE) |
| cros_ui.start() |
| if not get_block_devmode(): |
| raise error.TestFail( |
| "Flag not set after starting with policy enabled.") |
| |
| # Send a new policy blob to session_manager that disables block_devmode. |
| listener.listen_for_new_policy() |
| with open(os.path.join(self.bindir, |
| 'policy_block_devmode_disabled')) as f: |
| session_manager_proxy = session_manager.connect(self._bus_loop) |
| session_manager_proxy.StorePolicyEx( |
| session_manager.make_device_policy_descriptor(), f.read()) |
| listener.wait_for_signals(desc='Policy updated.') |
| |
| if get_block_devmode(): |
| raise error.TestFail( |
| "Flag set after updating policy to clear flag.") |