mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-24 21:54:01 +00:00
efi_loader: use ':' as separator for setenv -i
setenv -e -i <address>,<filesize> can be used to set a UEFI variable from memory. For separating an address and a size we use ':' in most commands. Let's do the same for setenv -e -i. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This commit is contained in:
parent
15d8f008dc
commit
2b3fbcb59f
6 changed files with 78 additions and 78 deletions
|
@ -473,7 +473,7 @@ int do_env_set_efi(struct cmd_tbl *cmdtp, int flag, int argc,
|
|||
argc--;
|
||||
argv++;
|
||||
addr = simple_strtoul(argv[0], &ep, 16);
|
||||
if (*ep != ',')
|
||||
if (*ep != ':')
|
||||
return CMD_RET_USAGE;
|
||||
|
||||
/* 0 should be allowed for delete */
|
||||
|
|
|
@ -173,11 +173,11 @@ Sign an image with one of the keys in "db" on your host
|
|||
Now in U-Boot install the keys on your board::
|
||||
|
||||
fatload mmc 0:1 <tmpaddr> PK.auth
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>,$filesize PK
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>:$filesize PK
|
||||
fatload mmc 0:1 <tmpaddr> KEK.auth
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>,$filesize KEK
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>:$filesize KEK
|
||||
fatload mmc 0:1 <tmpaddr> db.auth
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>,$filesize db
|
||||
setenv -e -nv -bs -rt -at -i <tmpaddr>:$filesize db
|
||||
|
||||
Set up boot parameters on your board::
|
||||
|
||||
|
|
|
@ -38,14 +38,14 @@ class TestEfiAuthVar(object):
|
|||
# Test Case 1b, PK without AUTHENTICATED_WRITE_ACCESS
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 1c'):
|
||||
# Test Case 1c, install PK
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'printenv -e -n PK'])
|
||||
assert 'PK:' in ''.join(output)
|
||||
|
||||
|
@ -60,24 +60,24 @@ class TestEfiAuthVar(object):
|
|||
# Test Case 1d, db/dbx without KEK
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 1e'):
|
||||
# Test Case 1e, install KEK
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -i 4000000,$filesize KEK'])
|
||||
'setenv -e -nv -bs -rt -i 4000000:$filesize KEK'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'printenv -e -n KEK'])
|
||||
assert 'KEK:' in ''.join(output)
|
||||
|
||||
|
@ -89,12 +89,12 @@ class TestEfiAuthVar(object):
|
|||
# Test Case 1f, install db
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
@ -107,12 +107,12 @@ class TestEfiAuthVar(object):
|
|||
# Test Case 1g, install dbx
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx.auth',
|
||||
'setenv -e -nv -bs -rt -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f dbx'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'dbx:' in ''.join(output)
|
||||
|
@ -132,32 +132,32 @@ class TestEfiAuthVar(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db1.auth',
|
||||
'setenv -e -nv -bs -rt -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 2b'):
|
||||
# Test Case 2b, update without correct signature
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.esl',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 2c'):
|
||||
# Test Case 2c, update with correct signature
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db1.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
@ -173,32 +173,32 @@ class TestEfiAuthVar(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db1.auth',
|
||||
'setenv -e -nv -bs -rt -a -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -a -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 3b'):
|
||||
# Test Case 3b, update without correct signature
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.esl',
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
|
||||
with u_boot_console.log.section('Test Case 3c'):
|
||||
# Test Case 3c, update with correct signature
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db1.auth',
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
@ -214,11 +214,11 @@ class TestEfiAuthVar(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n -guid d719b2cb-3d3a-4596-a3bc-dad00e67656f db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'db:' in ''.join(output)
|
||||
|
@ -248,18 +248,18 @@ class TestEfiAuthVar(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'printenv -e -n PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert 'PK:' in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 PK_null.esl',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'printenv -e -n PK'])
|
||||
assert 'Failed to set EFI variable' in ''.join(output)
|
||||
assert 'PK:' in ''.join(output)
|
||||
|
@ -268,7 +268,7 @@ class TestEfiAuthVar(object):
|
|||
# Test Case 5b, Uninstall PK with correct signature
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 PK_null.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK',
|
||||
'printenv -e -n PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
assert '\"PK\" not defined' in ''.join(output)
|
||||
|
|
|
@ -53,9 +53,9 @@ class TestEfiSignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot add 1 HELLO1 host 0:1 /helloworld.efi.signed ""',
|
||||
|
@ -74,7 +74,7 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 2b, authenticated by db
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 2',
|
||||
|
@ -97,11 +97,11 @@ class TestEfiSignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot add 1 HELLO host 0:1 /helloworld.efi.signed ""',
|
||||
|
@ -114,7 +114,7 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 3b, rejected by dbx even if db allows
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
@ -133,13 +133,13 @@ class TestEfiSignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 dbx_hash.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot add 1 HELLO host 0:1 /helloworld.efi.signed ""',
|
||||
|
@ -162,11 +162,11 @@ class TestEfiSignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot add 1 HELLO host 0:1 /helloworld.efi.signed_2sigs ""',
|
||||
|
@ -178,7 +178,7 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 5b, authenticated if both signatures are verified
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db1.auth',
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
@ -190,7 +190,7 @@ class TestEfiSignedImage(object):
|
|||
# certificate) is revoked
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx_hash.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
@ -201,7 +201,7 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 5d, rejected if both of signatures are revoked
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx_hash1.auth',
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -at -a -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
@ -220,11 +220,11 @@ class TestEfiSignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db_hello_signed.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot add 1 HELLO host 0:1 /helloworld.efi.signed ""',
|
||||
|
@ -236,7 +236,7 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 6b, rejected by TEST_db certificate in dbx
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx_db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
@ -248,9 +248,9 @@ class TestEfiSignedImage(object):
|
|||
# Test Case 6c, rejected by image's digest in dbx
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 dbx_hello_signed.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
output = u_boot_console.run_command_list([
|
||||
'efidebug boot next 1',
|
||||
|
|
|
@ -31,11 +31,11 @@ class TestEfiSignedImageIntca(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db_c.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -64,9 +64,9 @@ class TestEfiSignedImageIntca(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -80,7 +80,7 @@ class TestEfiSignedImageIntca(object):
|
|||
# Test Case 2b, signed and authenticated by root CA
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db_b.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'efidebug boot next 1',
|
||||
'efidebug test bootmgr'])
|
||||
assert '\'HELLO_abc\' failed' in ''.join(output)
|
||||
|
@ -90,7 +90,7 @@ class TestEfiSignedImageIntca(object):
|
|||
# Test Case 2c, signed and authenticated by root CA
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db_c.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'efidebug boot next 1',
|
||||
'efidebug test bootmgr'])
|
||||
assert 'Hello, world!' in ''.join(output)
|
||||
|
@ -106,13 +106,13 @@ class TestEfiSignedImageIntca(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 dbx_b.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'fatload host 0:1 4000000 db_c.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -128,7 +128,7 @@ class TestEfiSignedImageIntca(object):
|
|||
# Test Case 3b, revoked by root CA in dbx
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 dbx_c.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'efidebug boot next 1',
|
||||
'efidebug test bootmgr'])
|
||||
assert '\'HELLO_abc\' failed' in ''.join(output)
|
||||
|
|
|
@ -29,9 +29,9 @@ class TestEfiUnsignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -56,11 +56,11 @@ class TestEfiUnsignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db_hello.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -80,11 +80,11 @@ class TestEfiUnsignedImage(object):
|
|||
output = u_boot_console.run_command_list([
|
||||
'host bind 0 %s' % disk_img,
|
||||
'fatload host 0:1 4000000 db_hello.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize dbx',
|
||||
'fatload host 0:1 4000000 KEK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK',
|
||||
'fatload host 0:1 4000000 PK.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
@ -102,7 +102,7 @@ class TestEfiUnsignedImage(object):
|
|||
# Test Case 3b, rejected by dbx even if db allows
|
||||
output = u_boot_console.run_command_list([
|
||||
'fatload host 0:1 4000000 db_hello.auth',
|
||||
'setenv -e -nv -bs -rt -at -i 4000000,$filesize db'])
|
||||
'setenv -e -nv -bs -rt -at -i 4000000:$filesize db'])
|
||||
assert 'Failed to set EFI variable' not in ''.join(output)
|
||||
|
||||
output = u_boot_console.run_command_list([
|
||||
|
|
Loading…
Reference in a new issue