diff options
| author | Stefano Babic <sbabic@denx.de> | 2020-05-10 13:03:56 +0200 |
|---|---|---|
| committer | Stefano Babic <sbabic@denx.de> | 2020-05-10 13:03:56 +0200 |
| commit | b77d0292ca9f3ca69259dca7e2c5e193a403b289 (patch) | |
| tree | 0af352de3e405f839188aad7acaa9930d18afdd8 /test | |
| parent | 8142a97d541ef1473925b3677d6bf86bcddb69ac (diff) | |
| parent | c5c657644bc35fd6b3d6e5517698721e90646b8d (diff) | |
| download | u-boot-b77d0292ca9f3ca69259dca7e2c5e193a403b289.tar.gz | |
Merge branch 'master' of git://git.denx.de/u-boot
Diffstat (limited to 'test')
| -rw-r--r-- | test/dm/ofnode.c | 21 | ||||
| -rw-r--r-- | test/dm/phy.c | 33 | ||||
| -rw-r--r-- | test/lib/asn1.c | 4 | ||||
| -rw-r--r-- | test/log/nolog_test.c | 24 | ||||
| -rw-r--r-- | test/log/syslog_test.c | 48 | ||||
| -rw-r--r-- | test/py/tests/test_efi_secboot/test_authvar.py | 8 | ||||
| -rw-r--r-- | test/py/tests/test_efi_secboot/test_signed.py | 4 | ||||
| -rw-r--r-- | test/py/tests/test_efi_secboot/test_unsigned.py | 6 | ||||
| -rw-r--r-- | test/py/tests/test_ut.py | 17 | ||||
| -rw-r--r-- | test/py/tests/test_vboot.py | 52 |
10 files changed, 150 insertions, 67 deletions
diff --git a/test/dm/ofnode.c b/test/dm/ofnode.c index 1c49eaf38b..07d5c7d7a6 100644 --- a/test/dm/ofnode.c +++ b/test/dm/ofnode.c @@ -113,3 +113,24 @@ static int dm_test_ofnode_read_chosen(struct unit_test_state *uts) return 0; } DM_TEST(dm_test_ofnode_read_chosen, DM_TESTF_SCAN_PDATA | DM_TESTF_SCAN_FDT); + +static int dm_test_ofnode_get_child_count(struct unit_test_state *uts) +{ + ofnode node, child_node; + u32 val; + + node = ofnode_path("/i-test"); + ut_assert(ofnode_valid(node)); + + val = ofnode_get_child_count(node); + ut_asserteq(3, val); + + child_node = ofnode_first_subnode(node); + ut_assert(ofnode_valid(child_node)); + val = ofnode_get_child_count(child_node); + ut_asserteq(0, val); + + return 0; +} +DM_TEST(dm_test_ofnode_get_child_count, + DM_TESTF_SCAN_PDATA | DM_TESTF_SCAN_FDT); diff --git a/test/dm/phy.c b/test/dm/phy.c index 21d92194b9..92455d94af 100644 --- a/test/dm/phy.c +++ b/test/dm/phy.c @@ -110,3 +110,36 @@ static int dm_test_phy_ops(struct unit_test_state *uts) return 0; } DM_TEST(dm_test_phy_ops, DM_TESTF_SCAN_PDATA | DM_TESTF_SCAN_FDT); + +static int dm_test_phy_bulk(struct unit_test_state *uts) +{ + struct phy_bulk phys; + struct udevice *parent; + + /* test normal operations */ + ut_assertok(uclass_get_device_by_name(UCLASS_SIMPLE_BUS, + "gen_phy_user1", &parent)); + + ut_assertok(generic_phy_get_bulk(parent, &phys)); + ut_asserteq(2, phys.count); + + ut_asserteq(0, generic_phy_init_bulk(&phys)); + ut_asserteq(0, generic_phy_power_on_bulk(&phys)); + ut_asserteq(0, generic_phy_power_off_bulk(&phys)); + ut_asserteq(0, generic_phy_exit_bulk(&phys)); + + /* has a known problem phy */ + ut_assertok(uclass_get_device_by_name(UCLASS_SIMPLE_BUS, + "gen_phy_user", &parent)); + + ut_assertok(generic_phy_get_bulk(parent, &phys)); + ut_asserteq(3, phys.count); + + ut_asserteq(0, generic_phy_init_bulk(&phys)); + ut_asserteq(-EIO, generic_phy_power_on_bulk(&phys)); + ut_asserteq(-EIO, generic_phy_power_off_bulk(&phys)); + ut_asserteq(0, generic_phy_exit_bulk(&phys)); + + return 0; +} +DM_TEST(dm_test_phy_bulk, DM_TESTF_SCAN_PDATA | DM_TESTF_SCAN_FDT); diff --git a/test/lib/asn1.c b/test/lib/asn1.c index d2b3f67e68..8661fdd306 100644 --- a/test/lib/asn1.c +++ b/test/lib/asn1.c @@ -13,10 +13,10 @@ #include <test/ut.h> #ifdef CONFIG_PKCS7_MESSAGE_PARSER -#include "../../lib/crypto/pkcs7_parser.h" +#include <crypto/pkcs7_parser.h> #else #ifdef CONFIG_X509_CERTIFICATE_PARSER -#include "../../lib/crypto/x509_parser.h" +#include <crypto/x509_parser.h> #endif #endif diff --git a/test/log/nolog_test.c b/test/log/nolog_test.c index 84619521c9..c418ed07c9 100644 --- a/test/log/nolog_test.c +++ b/test/log/nolog_test.c @@ -19,7 +19,7 @@ DECLARE_GLOBAL_DATA_PTR; #define BUFFSIZE 32 -static int nolog_test_log_err(struct unit_test_state *uts) +static int log_test_nolog_err(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -31,9 +31,9 @@ static int nolog_test_log_err(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_err); +LOG_TEST(log_test_nolog_err); -static int nolog_test_log_warning(struct unit_test_state *uts) +static int log_test_nolog_warning(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -45,9 +45,9 @@ static int nolog_test_log_warning(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_warning); +LOG_TEST(log_test_nolog_warning); -static int nolog_test_log_notice(struct unit_test_state *uts) +static int log_test_nolog_notice(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -59,9 +59,9 @@ static int nolog_test_log_notice(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_notice); +LOG_TEST(log_test_nolog_notice); -static int nolog_test_log_info(struct unit_test_state *uts) +static int log_test_nolog_info(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -73,7 +73,7 @@ static int nolog_test_log_info(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_info); +LOG_TEST(log_test_nolog_info); #undef _DEBUG #define _DEBUG 0 @@ -90,7 +90,7 @@ static int nolog_test_nodebug(struct unit_test_state *uts) } LOG_TEST(nolog_test_nodebug); -static int nolog_test_log_nodebug(struct unit_test_state *uts) +static int log_test_nolog_nodebug(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -102,7 +102,7 @@ static int nolog_test_log_nodebug(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_nodebug); +LOG_TEST(log_test_nolog_nodebug); #undef _DEBUG #define _DEBUG 1 @@ -120,7 +120,7 @@ static int nolog_test_debug(struct unit_test_state *uts) } LOG_TEST(nolog_test_debug); -static int nolog_test_log_debug(struct unit_test_state *uts) +static int log_test_nolog_debug(struct unit_test_state *uts) { char buf[BUFFSIZE]; @@ -132,4 +132,4 @@ static int nolog_test_log_debug(struct unit_test_state *uts) ut_assertok(ut_check_console_end(uts)); return 0; } -LOG_TEST(nolog_test_log_debug); +LOG_TEST(log_test_nolog_debug); diff --git a/test/log/syslog_test.c b/test/log/syslog_test.c index 6ca5760eac..26536ebca7 100644 --- a/test/log/syslog_test.c +++ b/test/log/syslog_test.c @@ -92,12 +92,12 @@ static int sb_log_tx_handler(struct udevice *dev, void *packet, } /** - * syslog_test_log_err() - test log_err() function + * log_test_syslog_err() - test log_err() function * * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_err(struct unit_test_state *uts) +static int log_test_syslog_err(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -106,7 +106,7 @@ static int syslog_test_log_err(struct unit_test_state *uts) gd->default_log_level = LOGL_INFO; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<3>sandbox uboot: syslog_test_log_err() " + env.expected = "<3>sandbox uboot: log_test_syslog_err() " "testing log_err\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -119,15 +119,15 @@ static int syslog_test_log_err(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_err); +LOG_TEST(log_test_syslog_err); /** - * syslog_test_log_warning() - test log_warning() function + * log_test_syslog_warning() - test log_warning() function * * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_warning(struct unit_test_state *uts) +static int log_test_syslog_warning(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -136,7 +136,7 @@ static int syslog_test_log_warning(struct unit_test_state *uts) gd->default_log_level = LOGL_INFO; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<4>sandbox uboot: syslog_test_log_warning() " + env.expected = "<4>sandbox uboot: log_test_syslog_warning() " "testing log_warning\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -150,15 +150,15 @@ static int syslog_test_log_warning(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_warning); +LOG_TEST(log_test_syslog_warning); /** - * syslog_test_log_notice() - test log_notice() function + * log_test_syslog_notice() - test log_notice() function * * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_notice(struct unit_test_state *uts) +static int log_test_syslog_notice(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -167,7 +167,7 @@ static int syslog_test_log_notice(struct unit_test_state *uts) gd->default_log_level = LOGL_INFO; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<5>sandbox uboot: syslog_test_log_notice() " + env.expected = "<5>sandbox uboot: log_test_syslog_notice() " "testing log_notice\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -181,15 +181,15 @@ static int syslog_test_log_notice(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_notice); +LOG_TEST(log_test_syslog_notice); /** - * syslog_test_log_info() - test log_info() function + * log_test_syslog_info() - test log_info() function * * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_info(struct unit_test_state *uts) +static int log_test_syslog_info(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -198,7 +198,7 @@ static int syslog_test_log_info(struct unit_test_state *uts) gd->default_log_level = LOGL_INFO; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<6>sandbox uboot: syslog_test_log_info() " + env.expected = "<6>sandbox uboot: log_test_syslog_info() " "testing log_info\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -212,15 +212,15 @@ static int syslog_test_log_info(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_info); +LOG_TEST(log_test_syslog_info); /** - * syslog_test_log_debug() - test log_debug() function + * log_test_syslog_debug() - test log_debug() function * * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_debug(struct unit_test_state *uts) +static int log_test_syslog_debug(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -229,7 +229,7 @@ static int syslog_test_log_debug(struct unit_test_state *uts) gd->default_log_level = LOGL_DEBUG; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<7>sandbox uboot: syslog_test_log_debug() " + env.expected = "<7>sandbox uboot: log_test_syslog_debug() " "testing log_debug\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -243,10 +243,10 @@ static int syslog_test_log_debug(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_debug); +LOG_TEST(log_test_syslog_debug); /** - * syslog_test_log_nodebug() - test logging level filter + * log_test_syslog_nodebug() - test logging level filter * * Verify that log_debug() does not lead to a log message if the logging level * is set to LOGL_INFO. @@ -254,7 +254,7 @@ LOG_TEST(syslog_test_log_debug); * @uts: unit test state * Return: 0 = success */ -static int syslog_test_log_nodebug(struct unit_test_state *uts) +static int log_test_syslog_nodebug(struct unit_test_state *uts) { int old_log_level = gd->default_log_level; struct sb_log_env env; @@ -263,7 +263,7 @@ static int syslog_test_log_nodebug(struct unit_test_state *uts) gd->default_log_level = LOGL_INFO; env_set("ethact", "eth@10002000"); env_set("log_hostname", "sandbox"); - env.expected = "<7>sandbox uboot: syslog_test_log_nodebug() " + env.expected = "<7>sandbox uboot: log_test_syslog_nodebug() " "testing log_debug\n"; env.uts = uts; sandbox_eth_set_tx_handler(0, sb_log_tx_handler); @@ -277,4 +277,4 @@ static int syslog_test_log_nodebug(struct unit_test_state *uts) return 0; } -LOG_TEST(syslog_test_log_nodebug); +LOG_TEST(log_test_syslog_nodebug); diff --git a/test/py/tests/test_efi_secboot/test_authvar.py b/test/py/tests/test_efi_secboot/test_authvar.py index 55dcaa95f1..9912694a3e 100644 --- a/test/py/tests/test_efi_secboot/test_authvar.py +++ b/test/py/tests/test_efi_secboot/test_authvar.py @@ -133,7 +133,7 @@ class TestEfiAuthVar(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 PK.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 db.auth', @@ -174,7 +174,7 @@ class TestEfiAuthVar(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 PK.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 db.auth', @@ -215,7 +215,7 @@ class TestEfiAuthVar(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 PK.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 db.auth', @@ -249,7 +249,7 @@ class TestEfiAuthVar(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 PK.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 db.auth', diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py index 584282b338..fc722ab506 100644 --- a/test/py/tests/test_efi_secboot/test_signed.py +++ b/test/py/tests/test_efi_secboot/test_signed.py @@ -29,7 +29,7 @@ class TestEfiSignedImage(object): # Test Case 1a, run signed image if no db/dbx output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, - 'efidebug boot add 1 HELLO1 host 0:1 /helloworld.efi.signed ""', + 'efidebug boot add 1 HELLO1 host 0:1 /helloworld.efi.signed ""; echo', 'efidebug boot next 1', 'bootefi bootmgr']) assert(re.search('Hello, world!', ''.join(output))) @@ -81,7 +81,7 @@ class TestEfiSignedImage(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 db.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 PK.auth', diff --git a/test/py/tests/test_efi_secboot/test_unsigned.py b/test/py/tests/test_efi_secboot/test_unsigned.py index 22d849afb8..a4af845c51 100644 --- a/test/py/tests/test_efi_secboot/test_unsigned.py +++ b/test/py/tests/test_efi_secboot/test_unsigned.py @@ -30,7 +30,7 @@ class TestEfiUnsignedImage(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 KEK.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK; echo', 'fatload host 0:1 4000000 PK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK']) assert(not re.search('Failed to set EFI variable', ''.join(output))) @@ -58,7 +58,7 @@ class TestEfiUnsignedImage(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 db_hello.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize db', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize db; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 PK.auth', @@ -82,7 +82,7 @@ class TestEfiUnsignedImage(object): output = u_boot_console.run_command_list([ 'host bind 0 %s' % disk_img, 'fatload host 0:1 4000000 db_hello.auth', - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx', + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx; echo', 'fatload host 0:1 4000000 KEK.auth', 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK', 'fatload host 0:1 4000000 PK.auth', diff --git a/test/py/tests/test_ut.py b/test/py/tests/test_ut.py index 6c7b8dd2b3..01c2b3ffa1 100644 --- a/test/py/tests/test_ut.py +++ b/test/py/tests/test_ut.py @@ -22,7 +22,22 @@ def test_ut_dm_init(u_boot_console): fh.write(data) def test_ut(u_boot_console, ut_subtest): - """Execute a "ut" subtest.""" + """Execute a "ut" subtest. + + The subtests are collected in function generate_ut_subtest() from linker + generated lists by applying a regular expression to the lines of file + u-boot.sym. The list entries are created using the C macro UNIT_TEST(). + + Strict naming conventions have to be followed to match the regular + expression. Use UNIT_TEST(foo_test_bar, _flags, foo_test) for a test bar in + test suite foo that can be executed via command 'ut foo bar' and is + implemented in C function foo_test_bar(). + + Args: + u_boot_console (ConsoleBase): U-Boot console + ut_subtest (str): test to be executed via command ut, e.g 'foo bar' to + execute command 'ut foo bar' + """ output = u_boot_console.run_command('ut ' + ut_subtest) assert output.endswith('Failures: 0') diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index e67f2b3d0f..6b998cfd70 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -30,11 +30,16 @@ import u_boot_utils as util import vboot_forge TESTDATA = [ - ['sha1', '', False], - ['sha1', '-pss', False], - ['sha256', '', False], - ['sha256', '-pss', False], - ['sha256', '-pss', True], + ['sha1', '', None, False], + ['sha1', '', '-E -p 0x10000', False], + ['sha1', '-pss', None, False], + ['sha1', '-pss', '-E -p 0x10000', False], + ['sha256', '', None, False], + ['sha256', '', '-E -p 0x10000', False], + ['sha256', '-pss', None, False], + ['sha256', '-pss', '-E -p 0x10000', False], + ['sha256', '-pss', None, True], + ['sha256', '-pss', '-E -p 0x10000', True], ] @pytest.mark.boardspec('sandbox') @@ -43,8 +48,8 @@ TESTDATA = [ @pytest.mark.requiredtool('fdtget') @pytest.mark.requiredtool('fdtput') @pytest.mark.requiredtool('openssl') -@pytest.mark.parametrize("sha_algo,padding,required", TESTDATA) -def test_vboot(u_boot_console, sha_algo, padding, required): +@pytest.mark.parametrize("sha_algo,padding,sign_options,required", TESTDATA) +def test_vboot(u_boot_console, sha_algo, padding, sign_options, required): """Test verified boot signing with mkimage and verification with 'bootm'. This works using sandbox only as it needs to update the device tree used @@ -104,7 +109,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f', '%s%s' % (datadir, its), fit]) - def sign_fit(sha_algo): + def sign_fit(sha_algo, options): """Sign the FIT Signs the FIT and writes the signature into it. It also writes the @@ -113,10 +118,13 @@ def test_vboot(u_boot_console, sha_algo, padding, required): Args: sha_algo: Either 'sha1' or 'sha256', to select the algorithm to use. + options: Options to provide to mkimage. """ + args = [mkimage, '-F', '-k', tmpdir, '-K', dtb, '-r', fit] + if options: + args += options.split(' ') cons.log.action('%s: Sign images' % sha_algo) - util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb, - '-r', fit]) + util.run_and_log(cons, args) def replace_fit_totalsize(size): """Replace FIT header's totalsize with something greater. @@ -154,7 +162,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): util.run_and_log(cons, 'openssl req -batch -new -x509 -key %s%s.key ' '-out %s%s.crt' % (tmpdir, name, tmpdir, name)) - def test_with_algo(sha_algo, padding): + def test_with_algo(sha_algo, padding, sign_options): """Test verified boot with the given hash algorithm. This is the main part of the test code. The same procedure is followed @@ -163,6 +171,9 @@ def test_vboot(u_boot_console, sha_algo, padding, required): Args: sha_algo: Either 'sha1' or 'sha256', to select the algorithm to use. + padding: Either '' or '-pss', to select the padding to use for the + rsa signature algorithm. + sign_options: Options to mkimage when signing a fit image. """ # Compile our device tree files for kernel and U-Boot. These are # regenerated here since mkimage will modify them (by adding a @@ -176,7 +187,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): run_bootm(sha_algo, 'unsigned images', 'dev-', True) # Sign images with our dev keys - sign_fit(sha_algo) + sign_fit(sha_algo, sign_options) run_bootm(sha_algo, 'signed images', 'dev+', True) # Create a fresh .dtb without the public keys @@ -187,7 +198,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True) # Sign images with our dev keys - sign_fit(sha_algo) + sign_fit(sha_algo, sign_options) run_bootm(sha_algo, 'signed config', 'dev+', True) cons.log.action('%s: Check signed config on the host' % sha_algo) @@ -209,7 +220,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): # Create a new properly signed fit and replace header bytes make_fit('sign-configs-%s%s.its' % (sha_algo, padding)) - sign_fit(sha_algo) + sign_fit(sha_algo, sign_options) bcfg = u_boot_console.config.buildconfig max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0) existing_size = replace_fit_totalsize(max_size + 1) @@ -240,7 +251,7 @@ def test_vboot(u_boot_console, sha_algo, padding, required): cons, [fit_check_sign, '-f', fit, '-k', dtb], 1, 'Failed to verify required signature') - def test_required_key(sha_algo, padding): + def test_required_key(sha_algo, padding, sign_options): """Test verified boot with the given hash algorithm. This function tests if U-Boot rejects an image when a required key isn't @@ -248,6 +259,9 @@ def test_vboot(u_boot_console, sha_algo, padding, required): Args: sha_algo: Either 'sha1' or 'sha256', to select the algorithm to use + padding: Either '' or '-pss', to select the padding to use for the + rsa signature algorithm. + sign_options: Options to mkimage when signing a fit image. """ # Compile our device tree files for kernel and U-Boot. These are # regenerated here since mkimage will modify them (by adding a @@ -260,12 +274,12 @@ def test_vboot(u_boot_console, sha_algo, padding, required): # Build the FIT with prod key (keys required) and sign it. This puts the # signature into sandbox-u-boot.dtb, marked 'required' make_fit('sign-configs-%s%s-prod.its' % (sha_algo, padding)) - sign_fit(sha_algo) + sign_fit(sha_algo, sign_options) # Build the FIT with dev key (keys NOT required). This adds the # signature into sandbox-u-boot.dtb, NOT marked 'required'. make_fit('sign-configs-%s%s.its' % (sha_algo, padding)) - sign_fit(sha_algo) + sign_fit(sha_algo, sign_options) # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys. # Only the prod key is set as 'required'. But FIT we just built has @@ -297,9 +311,9 @@ def test_vboot(u_boot_console, sha_algo, padding, required): old_dtb = cons.config.dtb cons.config.dtb = dtb if required: - test_required_key(sha_algo, padding) + test_required_key(sha_algo, padding, sign_options) else: - test_with_algo(sha_algo, padding) + test_with_algo(sha_algo, padding, sign_options) finally: # Go back to the original U-Boot with the correct dtb. cons.config.dtb = old_dtb |