From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 86D48C433EF for ; Thu, 3 Feb 2022 20:44:00 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3EBE183A0E; Thu, 3 Feb 2022 21:43:58 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=siemens.com header.i=@siemens.com header.b="CpstRcbM"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id B8ABC839FB; Thu, 3 Feb 2022 21:43:56 +0100 (CET) Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on20620.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::620]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 3E3DE83A2B for ; Thu, 3 Feb 2022 21:43:53 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=jan.kiszka@siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fAjXImggbCRwPivFH6mKYhRIzdaFuV7G9pdDj2EYpj5rbNJoM/lOr5Uh/MkCKWcYUV9Fn+UyP08gGXoHE3uhRV1NhVLNBjhnC4a3MMie1zoclZ+vV+ogtboMQS3aYRmN5Mg9oRg+P1ecs8F3Cp6Ufwfc3VvgZ+vAlDXJ7nl0JT3ziFS9o+kUIbxH7UhWCMu5+jSuumUdo9SkSKXx1FYtP9r6dIOMpvvYRNsdoXsCykXOghHhRDF1GLCYi8vntCAbFkQm96DFmkdCrVMjHXstRertNV5Fl129KGMZBnCdlV37t450GfSiOw6DlQZ0eNy6jTpQ52rtj7j5BF/G+VfeHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AcO+S7z7Kaeu/VW/O7K1589U/iyNt8nNtbDTlxNNFY4=; b=lDLAoL1MuLl2YeRFp84+GIK30vURBicpqREtN8/Rz/93zSOq6YujyT63HKQF7cxX8R9BfCi9/UPPZYj9nTF7s7t4nE0/E4HWM7x0BO+J2fPxpIPq7JnJY+KmMwbtsIQG4sxkxwD4WKthkUJGE50/vnYbVZ+nbCT3STioCo8PK/Gn+0EX6qmUid77PL9bi3RUMYW1SQZjwb6mVFTusE36uYpGcu4gypAoDG9LuVW3GaEnBKAIsHPq04njXfoYUqKY6QKW1u/Gc5mh8Jh4imDAK5gU4o84kC22T5Wap7HaVM9KkreY1GCRKzYO78dxiCY/KZhpOFswlGexodSUQMvGnQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 194.138.21.72) smtp.rcpttodomain=chromium.org smtp.mailfrom=siemens.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=siemens.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AcO+S7z7Kaeu/VW/O7K1589U/iyNt8nNtbDTlxNNFY4=; b=CpstRcbMtpklGLKYaXZG36tBBJHBnGbJubPBlU7IgGfUxZTsMAjKUFMOnf0iUyQjNZF3g/eKMtBsdXoxOX9HnAqCCnq6Pji/dM5tp3Wz7cB2zl/pDwWA/k6puf4JtH0nod9mOf9a7bGP5AWO13Th/k8gAcGjMEYVroCw5r/CLywrD3qrnS12PRP228hGCRGi6IDOjy48U/a6W9pdSfi/eX1X2hkVLATR5KWd3+eVIUfrvU5hNRL1oD8Pga4gqzuxJ+QZLsJLVG9zJx43oc0pT2hDGmn/ucj6jgXwjT7XimuziVTNXlVdWDOyPlHo9hlYdN8ouERLmkQV1j8q7wZgVw== Received: from DB6PR07CA0009.eurprd07.prod.outlook.com (2603:10a6:6:2d::19) by AM8PR10MB4276.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:1ea::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.17; Thu, 3 Feb 2022 20:43:52 +0000 Received: from DB5EUR01FT015.eop-EUR01.prod.protection.outlook.com (2603:10a6:6:2d:cafe::c0) by DB6PR07CA0009.outlook.office365.com (2603:10a6:6:2d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4975.7 via Frontend Transport; Thu, 3 Feb 2022 20:43:52 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 194.138.21.72) smtp.mailfrom=siemens.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=siemens.com; Received-SPF: Pass (protection.outlook.com: domain of siemens.com designates 194.138.21.72 as permitted sender) receiver=protection.outlook.com; client-ip=194.138.21.72; helo=hybrid.siemens.com; Received: from hybrid.siemens.com (194.138.21.72) by DB5EUR01FT015.mail.protection.outlook.com (10.152.5.0) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4951.12 via Frontend Transport; Thu, 3 Feb 2022 20:43:52 +0000 Received: from DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) by DEMCHDC9SMA.ad011.siemens.net (194.138.21.72) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18; Thu, 3 Feb 2022 21:43:51 +0100 Received: from [167.87.72.47] (167.87.72.47) by DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18; Thu, 3 Feb 2022 21:43:50 +0100 Message-ID: <920004ee-81ff-7ee4-cab3-be2ef379a91b@siemens.com> Date: Thu, 3 Feb 2022 21:43:50 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 From: Jan Kiszka Subject: [PATCH] test/py: Add test case for mkimage -o argument Content-Language: en-US To: Simon Glass , U-Boot Mailing List Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [167.87.72.47] X-ClientProxiedBy: DEMCHDC89YA.ad011.siemens.net (139.25.226.104) To DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cfad624f-eb29-4f18-5008-08d9e755e369 X-MS-TrafficTypeDiagnostic: AM8PR10MB4276:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:95; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tkNAHFb5PLyUoKwkcVa8KHsk0I7dVUzRMQC73suNDXYvPe5gFqug8GLUEoPpSgaUYdh7+UFkPpkxvJQ9qvGEB+HX/+egUQzdALKksh9TLP3DXj+pYvOtXpDWCN15YXTgXP3Ahlbs6VOje9oCUr1Z0lxAfWRShOIwytgw/NTxqdoiOYpT2R8QvKXi4pUKgV0GWgj7Hd20VKPo2uHcRgkTkFWPVE4o5kDWgfodfBL7csn3GNP3d/bokh8g150OG4smZLzvNcZjLd1u5Oxs4D7JXYcukFm5zxvE2EoGmcpfRfzTX9eBQFELiD2+gi6ujc78RuRNepnH1Sd5EDia+zr7kNowiSrQfy+NQ5SJtiMCI9uVCgNqcwztTtp/HD9Jaz0OpKWMU6w/1pcqDsHZvi2tNjF516SDVXDJN5d7fGGtrFNtcgkuG8jmJrPc+hjEqc2AbX+iZyx7gEV1tj3kLbrWz3R7pbXbhLxvPLxTqBEJNy5UZ+hkoTqv5SVPOl6fK0gyqwA9YpsXS9haE23tytrwtg0n7C1/FZN0M/HLMR3q0+1L2+YozZmNnFH5YDutf/xtxYe5fowF4Fr5NT56hOmImFw0V3x1wMZXNTgHadoqJNTyftAvbtsI3IrdikzbQAs4ZXY8LRnHJWq+F033656UMbpRP8VlPi4QFOnGIW2ZehFqMS870gXJ4xAI9pOyyDHf9SMw84uSU0oimGrj0qOcsOxTDNVGscRPcr7AzA3dbO3GQHZ4ezVMfj8B5VDRG395oWEpFRxrkIczFKdz6PPM6w== X-Forefront-Antispam-Report: CIP:194.138.21.72; CTRY:DE; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:hybrid.siemens.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230001)(4636009)(46966006)(40470700004)(36840700001)(82310400004)(40460700003)(86362001)(70206006)(356005)(70586007)(81166007)(31696002)(82960400001)(8676002)(5660300002)(508600001)(8936002)(31686004)(336012)(36756003)(36860700001)(316002)(16576012)(110136005)(26005)(6706004)(16526019)(2906002)(956004)(47076005)(44832011)(83380400001)(2616005)(186003)(3940600001)(36900700001)(43740500002); DIR:OUT; SFP:1101; X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Feb 2022 20:43:52.2420 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cfad624f-eb29-4f18-5008-08d9e755e369 X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; Ip=[194.138.21.72]; Helo=[hybrid.siemens.com] X-MS-Exchange-CrossTenant-AuthSource: DB5EUR01FT015.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR10MB4276 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean From: Jan Kiszka Stress the '-o algo_name' argument of mkimage by expanding the vboot test. Signed-off-by: Jan Kiszka --- test/py/tests/test_vboot.py | 33 +++++++------- test/py/tests/vboot/sign-configs-algo-arg.its | 44 +++++++++++++++++++ test/py/tests/vboot/sign-images-algo-arg.its | 40 +++++++++++++++++ 3 files changed, 101 insertions(+), 16 deletions(-) create mode 100644 test/py/tests/vboot/sign-configs-algo-arg.its create mode 100644 test/py/tests/vboot/sign-images-algo-arg.its diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index b080d482af9..ac8ed9f1145 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -35,18 +35,19 @@ import vboot_evil # Only run the full suite on a few combinations, since it doesn't add any more # test coverage. TESTDATA = [ - ['sha1-basic', 'sha1', '', None, False, True], - ['sha1-pad', 'sha1', '', '-E -p 0x10000', False, False], - ['sha1-pss', 'sha1', '-pss', None, False, False], - ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False, False], - ['sha256-basic', 'sha256', '', None, False, False], - ['sha256-pad', 'sha256', '', '-E -p 0x10000', False, False], - ['sha256-pss', 'sha256', '-pss', None, False, False], - ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False], - ['sha256-pss-required', 'sha256', '-pss', None, True, False], - ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True], - ['sha384-basic', 'sha384', '', None, False, False], - ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False], + ['sha1-basic', 'sha1', '', None, False, True, False], + ['sha1-pad', 'sha1', '', '-E -p 0x10000', False, False, False], + ['sha1-pss', 'sha1', '-pss', None, False, False, False], + ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False, False, False], + ['sha256-basic', 'sha256', '', None, False, False, False], + ['sha256-pad', 'sha256', '', '-E -p 0x10000', False, False, False], + ['sha256-pss', 'sha256', '-pss', None, False, False, False], + ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False, False], + ['sha256-pss-required', 'sha256', '-pss', None, True, False, False], + ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True, False], + ['sha384-basic', 'sha384', '', None, False, False, False], + ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False, False], + ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', False, False, True], ] @pytest.mark.boardspec('sandbox') @@ -55,10 +56,10 @@ TESTDATA = [ @pytest.mark.requiredtool('fdtget') @pytest.mark.requiredtool('fdtput') @pytest.mark.requiredtool('openssl') -@pytest.mark.parametrize("name,sha_algo,padding,sign_options,required,full_test", +@pytest.mark.parametrize("name,sha_algo,padding,sign_options,required,full_test,algo_arg", TESTDATA) def test_vboot(u_boot_console, name, sha_algo, padding, sign_options, required, - full_test): + full_test, algo_arg): """Test verified boot signing with mkimage and verification with 'bootm'. This works using sandbox only as it needs to update the device tree used @@ -219,7 +220,7 @@ def test_vboot(u_boot_console, name, sha_algo, padding, sign_options, required, # Build the FIT, but don't sign anything yet cons.log.action('%s: Test FIT with signed images' % sha_algo) make_fit('sign-images-%s%s.its' % (sha_algo, padding)) - run_bootm(sha_algo, 'unsigned images', 'dev-', True) + run_bootm(sha_algo, 'unsigned images', ' - OK' if algo_arg else 'dev-', True) # Sign images with our dev keys sign_fit(sha_algo, sign_options) @@ -230,7 +231,7 @@ def test_vboot(u_boot_console, name, sha_algo, padding, sign_options, required, cons.log.action('%s: Test FIT with signed configuration' % sha_algo) make_fit('sign-configs-%s%s.its' % (sha_algo, padding)) - run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True) + run_bootm(sha_algo, 'unsigned config', '%s+ OK' % ('sha256' if algo_arg else sha_algo), True) # Sign images with our dev keys sign_fit(sha_algo, sign_options) diff --git a/test/py/tests/vboot/sign-configs-algo-arg.its b/test/py/tests/vboot/sign-configs-algo-arg.its new file mode 100644 index 00000000000..3a5bb6d0f73 --- /dev/null +++ b/test/py/tests/vboot/sign-configs-algo-arg.its @@ -0,0 +1,44 @@ +/dts-v1/; + +/ { + description = "Chrome OS kernel image with one or more FDT blobs"; + #address-cells = <1>; + + images { + kernel { + data = /incbin/("test-kernel.bin"); + type = "kernel_noload"; + arch = "sandbox"; + os = "linux"; + compression = "none"; + load = <0x4>; + entry = <0x8>; + kernel-version = <1>; + hash-1 { + algo = "sha256"; + }; + }; + fdt-1 { + description = "snow"; + data = /incbin/("sandbox-kernel.dtb"); + type = "flat_dt"; + arch = "sandbox"; + compression = "none"; + fdt-version = <1>; + hash-1 { + algo = "sha256"; + }; + }; + }; + configurations { + default = "conf-1"; + conf-1 { + kernel = "kernel"; + fdt = "fdt-1"; + signature { + key-name-hint = "dev"; + sign-images = "fdt", "kernel"; + }; + }; + }; +}; diff --git a/test/py/tests/vboot/sign-images-algo-arg.its b/test/py/tests/vboot/sign-images-algo-arg.its new file mode 100644 index 00000000000..9144c8b5ad8 --- /dev/null +++ b/test/py/tests/vboot/sign-images-algo-arg.its @@ -0,0 +1,40 @@ +/dts-v1/; + +/ { + description = "Chrome OS kernel image with one or more FDT blobs"; + #address-cells = <1>; + + images { + kernel { + data = /incbin/("test-kernel.bin"); + type = "kernel_noload"; + arch = "sandbox"; + os = "linux"; + compression = "none"; + load = <0x4>; + entry = <0x8>; + kernel-version = <1>; + signature { + key-name-hint = "dev"; + }; + }; + fdt-1 { + description = "snow"; + data = /incbin/("sandbox-kernel.dtb"); + type = "flat_dt"; + arch = "sandbox"; + compression = "none"; + fdt-version = <1>; + signature { + key-name-hint = "dev"; + }; + }; + }; + configurations { + default = "conf-1"; + conf-1 { + kernel = "kernel"; + fdt = "fdt-1"; + }; + }; +}; -- 2.34.1