Commit graph

280 commits

Author SHA1 Message Date
Joel Peshkin
4e9bce1243 Add support for stack-protector
Add support for stack protector for UBOOT, SPL, and TPL
as well as new pytest for stackprotector

Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>

Adjust UEFI build flags.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-04-20 07:31:12 -04:00
Alexandru Gagniuc
78015263b9 test/py: ecdsa: Use mkimage keyfile instead of keydir argument
Originally, the ECDSA code path used 'keydir' as the key filename.
mkimage has since been updated to include a new 'keyfile' argument.
Use the new argument for passing in the key.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Alexandru Gagniuc
f91de329ab test/py: ecdsa: Add test for mkimage ECDSA signing
Add a test to make sure that the ECDSA signatures generated by
mkimage can be verified successfully. pyCryptodomex was chosen as the
crypto library because it integrates much better with python code.
Using openssl would have been unnecessarily painful.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-14 15:23:01 -04:00
Asherah Connor
69512551aa test: qemu: add qfw sandbox driver, dm tests, qemu tests
A sandbox driver and test are added for the qfw uclass, and a test in
QEMU added for qfw functionality to confirm it doesn't break in real
world use.

Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2021-04-12 17:45:39 -04:00
Tom Rini
90eba245a6 Merge branch 'next' 2021-04-05 11:29:57 -04:00
Andy Shevchenko
1ba21bb06b test: Don't unmount not (yet) mounted system
When test suite tries to create a file for a new filesystem test case and fails,
the clean up of the exception tries to unmount the image, that has not yet been
mounted. When it happens, the fuse_mounted global variable is set to False and
inconveniently the test case tries to use sudo, so without this change the
admin of the machine gets an (annoying) email:

  Subject: *** SECURITY information for example.com ***

  example.com : Feb  5 19:43:47 : ... COMMAND=/bin/umount .../build-sandbox/persistent-data/mnt

and second run of the test cases on uncleaned build folder will ask for sudo
which is not what expected.

Besides that there is a double unmount calls during successfully run test case.

All of these due to over engineered Python try-except clause and people didn't
get it properly at all. The rule of thumb is that don't use more keywords than
try-except in the exception handling code. Nevertheless, here we adjust code
to be less intrusive to the initial logic behind that complex and unclear
constructions in the test case, although it adds a lot of lines of the code,
i.e. splits one exception handler to three, so on each step we know what
cleanup shall perform.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-31 07:50:17 -04:00
Tom Rini
1057b1be75 Prepare v2021.04-rc5
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmBiRbMACgkQFHw5/5Y0
 tyz0KAv/T8glQGL6L2CYeLuwbs9tndQoaH2YNb3teNUJrqehBleJAQ6ubHP30d87
 rHrokJ4Zu3TC15sACrK4GOMvsAVkeCuU/jIqFJA4ieDZr8g7yfUMOZMsDiIFdd36
 Rdmi71Jtek/csyS5BfcUUYoXVbUCGQ8yAx7z0VrK0sqsqZYYJNwPmqgkR8U2ulNb
 FiLxwamFwH7+bsvcvHajO1dOyko0zR7GTisf/fOgmlHuF3BldqG4SDcNd528uEWb
 r3fXs2Ut6IaC/beCnmKUPVG3ZjdPtb+T230rRRhUOfjTwqR7SzXp5bTyzdgyw3gU
 rOgfi/mAGQPPG2E2fzPz0JCI1irbnkSE2fVJ4epaVUCoHIEsQQdy034aD3qLcHFY
 65ihEpRvCM7s9jfKX8XeIG4rKFB4i60TX5orzdMvx7wV3rxmPE9qQmF9lkD+fEA+
 TPuFtkjGmluSe+xWBVK7+6xuF6rcLEbNXuFWRi3qMSMgH8rtGfeJRonusOGPolwC
 jQ1T7szW
 =UJ/O
 -----END PGP SIGNATURE-----

Merge tag 'v2021.04-rc5' into next

Prepare v2021.04-rc5
2021-03-29 18:00:21 -04:00
Jose Marinho
de489d82e3 test: test the ESRT creation
This commit slightly extends test_efi_capsule_fw3.

 In order to run the test the following must be added to
 sandbox_defconfig:
  +CONFIG_CMD_SF=y
  +CONFIG_CMD_MEMORY=y
  +CONFIG_CMD_FAT=y
  +CONFIG_DFU=y

 The ESRT is printed in the u-boot shell by calling efidebug esrt.
 The test ensures that, after the capsule is installed, the  ESRT
 contains entries with the GUIDs:
  - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID;
  - EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;

test invocation:
 sudo ./test/py/test.py --bd sandbox -k capsule_fw3 -l --build

CC: Heinrich Schuchardt	<xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Alexander Graf <agraf@csgraf.de>
CC: nd@arm.com
Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-25 20:19:42 +01:00
Ilias Apalodimas
cbea241e93 efidebug: add multiple device path instances on Boot####
The UEFI spec allows a packed array of UEFI device paths in the
FilePathList[] of an EFI_LOAD_OPTION. The first file path must
describe the loaded image but the rest are OS specific.

Previous patches parse the device path and try to use the second
member of the array as an initrd. So let's modify efidebug slightly
and install the second file described in the command line as the
initrd device path.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2021-03-25 20:14:26 +01:00
Andy Shevchenko
9262fe1559 test: Include /sbin to the PATH when creating ext4 disk image
On some distributions the mkfs.ext4 is under /sbin and /sbin is not set
for mere users. Include /sbin to the PATH when creating ext4 disk image,
so that users won't get a scary traceback from Python.

Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-17 12:50:19 -04:00
Tom Rini
22fc991daf Prepare v2021.04-rc4
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmBPhiUACgkQFHw5/5Y0
 tywChgv/RYpdSKrD5s4kCJnImfOwDznESj/CqAQK3Au5zviq7qXRrgxyTKv2e1wM
 W51vUBd0cE1YTACXqbr92wSSyqoTthLqd57KQgVele5uC2dvkqVTSvjPOUwtyIbQ
 BTPkoQnHPn30AILRdPjpEdBGfZhJDDtJFdQopn6h4GjEjPKVH8Wx1Dd+V6SD5f20
 WiksUjgdjMr1AmORY+LdwwJO8FZrGGPYgs8CDtiqxmCSwh3d7kUFFTT+G23BZdo7
 M+81+1uIUaW2Bolds7ZTPrrjr8bPwkWoTqNYhUB4bNPLp72gwnjM1rtU1X3hyiJM
 MdxSBimLHUOYPihfeSYCHSUrJaQFAAEFkuzWfZN1fgoswKEZQIVVVTzT/TomTyqf
 1DIXD+0HpXGKgVLW/Nkpl4D+UFjR865XI4kiuDxddjKI7bGbvDlbZ/k3PNelD7op
 umUswHnC3OTSw/g+A9VH/zf1rMFNLfu++vD7XJtdoWlcsl6x6/6Fh75tuC6K/X0K
 caPmehD3
 =ENym
 -----END PGP SIGNATURE-----

Merge tag 'v2021.04-rc4' into next

Prepare v2021.04-rc4
2021-03-15 12:15:38 -04:00
Igor Opaniuk
7f047b4f5b test: py: add initial coverage for scp03 cmd
Add initial test coverage for SCP03 command.

Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-03-14 11:50:16 -04:00
Simon Glass
a353e76da9 test: Re-enable test_ofplatdata
This was inadvertently disabled after a recent change. Re-enable it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:29 -05:00
Simon Glass
bef1b28335 sandbox: Drop the 'starting...' message
This message is annoying since it is only useful for testing. Drop it and
update the test to cope.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-03-12 09:57:29 -05:00
Heinrich Schuchardt
7d3eff3412 efi_loader: correct uboot_bin_env.its file format
Up to now the EFI capsule Python tests were always skipped. The reason is
that mkimage fails with:

uboot_bin_env.its:13.21-23.5: Warning (unit_address_vs_reg):
/images/u-boot-bin@100000: node has a unit name, but no reg property
uboot_bin_env.its:24.21-34.5: Warning (unit_address_vs_reg):
/images/u-boot-env@150000: node has a unit name, but no reg property

If a unit in a device-tree has an address, a reg property must be provided.
But adding a reg property is not the solution here.

Since 2017 unit addresses are disallowed for FIT,
cf. common/image-fit.c:1624.

So remove the unit addresses in uboot_bin_env.its.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2021-03-07 17:37:26 +01:00
Simon Glass
3f04db891a image: Check for unit addresses in FITs
Using unit addresses in a FIT is a security risk. Add a check for this
and disallow it.

CVE-2021-27138

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 22:31:54 -05:00
Simon Glass
124c255731 libfdt: Check for multiple/invalid root nodes
It is possible to construct a devicetree blob with multiple root nodes.
Update fdt_check_full() to check for this, along with a root node with an
invalid name.

CVE-2021-27097

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 22:31:53 -05:00
Simon Glass
d5f3aadacb test: Add tests for the 'evil' vboot attacks
Add tests to check that these two attacks are mitigated by recent patches.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 19:17:33 -05:00
Simon Glass
fafafacb47 test: Add vboot_evil implementation
Add a library which performs two different attacks on a FIT.

Signed-off-by: Julien Lenoir <julien.lenoir@intel.com>
Signed-off-by: Bruce Monroe <bruce.monroe@intel.com>
Signed-off-by: Arie Haenel <arie.haenel@intel.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
2021-02-15 19:17:29 -05:00
Simon Glass
79af75f777 fit: Don't allow verification of images with @ nodes
When searching for a node called 'fred', any unit address appended to the
name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This
means that we cannot be sure that the node originally intended is the one
that is used.

Disallow use of nodes with unit addresses.

Update the forge test also, since it uses @ addresses.

CVE-2021-27138

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-15 19:17:25 -05:00
Tom Rini
a59e59c9be test: Update test_fs to not use deprecated pytest.yield_fixture()
As noted in comments, yield_fixture has been deprecated for longer than
our minimum required version of pytest.  Newer versions of pytest cause
this to be a louder warning, and as the migration is trivial, perform it
now.

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-01-29 10:36:49 -05:00
Tom Rini
e6b8e948ab test: test_ofplatdata: Mark as sandbox specific
This test checks for output specific to the sandbox device tree, mark it
as sandbox specific.

Signed-off-by: Tom Rini <trini@konsulko.com>
2021-01-29 10:34:34 -05:00
Patrick Delaunay
a4918b2310 test: add test for dropped trace before log_init
Add test for dropped trace before log_init, displayed by debug uart.

Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-15 14:36:11 -05:00
Simon Glass
acfb5308f5 sandbox: Drop unnecessary test node
The spl-test4 node deliberately has an invalid compatible string. This
causes a warning from dtoc and the check it does is not really necessary.
Drop it, to avoid the warning and associated confusion.

Signed-off-by: Simon Glass <sjg@chromium.org>
2021-01-05 12:24:40 -07:00
Heinrich Schuchardt
6ca5ff3f20 test: unit test for exception command
Test that an exception SIGILL is answered by a reset on the sandbox if
CONFIG_SANDBOX_CRASH_RESET=y or by exiting to the OS otherwise.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-12-13 07:58:17 -07:00
AKASHI Takahiro
4926e7d29a test/py: efi_capsule: test for raw image capsule
The test can run on sandbox build and it attempts to execute a firmware
update via a capsule-on-disk, using a raw image capsule,
CONFIG_EFI_CAPSULE_RAW.

To run this test successfully, you need configure U-Boot specifically;
See test_capsule_firmware.py for requirements, and hence it won't run
on Travis CI, at least, for now.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03 21:22:50 +01:00
AKASHI Takahiro
450596f2ac test/py: efi_capsule: test for FIT image capsule
The test can run on sandbox build and it attempts to execute a firmware
update via a capsule-on-disk, using a FIT image capsule,
CONFIG_EFI_CAPSULE_FIT.

To run this test successfully, you need configure U-Boot specifically;
See test_capsule_firmware.py for requirements, and hence it won't run
on Travis CI, at least, for now.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-12-03 21:22:50 +01:00
Heinrich Schuchardt
35d949222f test/py: test poweroff
It is the 'poweroff' and not the 'reset' command that should shut down the
sandbox.

Adjust the unit test accordingly

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-11-05 09:11:30 -07:00
Tom Rini
63d4607e03 of-platdata and dtoc improvements
sandbox SPL tests
 binman support for compressed sections
 -----BEGIN PGP SIGNATURE-----
 
 iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl+cXssRHHNqZ0BjaHJv
 bWl1bS5vcmcACgkQfxc6PpAIreaYuAgAjG05oxt8a4DXhdzGuXBCbehZv2T7X5Lg
 2+i9uwyg3MkKWp0Spm2J+0flWs+1Bynw335hgNVgq+bh29sajOQz2BtgfDKFY+Aw
 D+D16YBEiEuIbIXLzSsv+ct1va83A3JmlxxoaJ7+ZvoN/5Z3ZvJIZ7F4AzmwlAFT
 5pOFgDEfVM4MYFU4R2wZAaJMnYKQrqR5Tvrxecc6OkhvWIgq7j3elE4xOuh2hL/L
 Bz/KM+4Eq+EUALG+quyEzd+gDKoPY2rNOojxS/lg7PRsN6S8engwE+LkcAkMaNG3
 uDVrTYsA8lCJJwso0in25fUy8sEYWaCSVr/82xfRJMWksPajubem7w==
 =9u1O
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-30oct20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

of-platdata and dtoc improvements
sandbox SPL tests
binman support for compressed sections
2020-10-30 15:24:30 -04:00
Sean Anderson
62ef81891d test: log: Convert log_test from python to C
When rebasing this series I had to renumber all my log tests because
someone made another log test in the meantime. This involved updaing a
number in several places (C and python), and it wasn't checked by the
compiler. So I though "how hard could it be to just rewrite in C?" And
though it wasn't hard, it *was* tedious. Tests are numbered the same as
before to allow for easier review.

A note that if a test fails, everything after it will probably also fail.
This is because that test won't clean up its filters.  There's no easy way
to do the cleanup, except perhaps removing all filters in a wrapper
function.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
2020-10-30 10:55:26 -04:00
Simon Glass
a8b1fbc14d dm: test: Drop of-platdata pytest
Now that we have a C version of this test, drop the Python implementation.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Simon Glass
e1e54ffe99 test: Run only the selected SPL test
Use the new -k option to select the test to run.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Simon Glass
bc84d585ec pytest: Collect SPL unit tests
Add a new test_spl fixture to handle running SPL unit tests.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:18 -06:00
Simon Glass
e144cafe43 dtoc: Fix widening of int to bytes
At present an integer is converted to bytes incorrectly. The whole 32-bit
integer is inserted as the first element of the byte array, and the other
three bytes are skipped. This was not noticed because the unit test did
not check it, and the functional test was checking for wrong values.

Update the code to handle this as a special case. Add one more test to
cover all code paths.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-29 14:42:17 -06:00
Lad Prabhakar
274227500a cmd: fat: Use do_save() for fatwrite
do_save() function defined in fs.c also supports FAT file system
re-use the same for fatwrite command.

Also fix the FAT test script to match the expected output.

Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Reviewed-by: Biju Das <biju.das.jz@bp.renesas.com>
2020-10-23 13:33:07 -04:00
Heinrich Schuchardt
a6bfd71a96 cmd/button: return button status
To make the button command useful in a shell script it should return the
status of the button:

* 0 (true) - pressed, on
* 1 (false) - not pressed, off

The button command takes only one argument. Correct maxargs.

Adjust the Python unit test.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-10-14 11:16:34 -04:00
Heinrich Schuchardt
39916bb45f test: sharpen button label unit test
Using different strings for the device tree node labels and the label
property of buttons sharpens the button label unit test.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
2020-10-14 11:16:34 -04:00
Frédéric Danis
26f555a6e5 test: Add PStore command tests
Add PStore command to sandbox and sandbox64 defconfigs.
Add test checking:
- 'pstore display' of all records
- 'pstore display' only the 2nd dump record
- 'pstore save' of all records

Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
[trini: Adjust to always load files from source directory]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Heiko Schocher <hs@denx.de>
2020-10-14 11:16:34 -04:00
Thirupathaiah Annapureddy
feaeee8b5f test: vboot: add tests for multiple required keys
This patch adds vboot tests to verify the support for multiple
required keys using new required-mode DTB policy.

This patch also fixes existing test where dev
key is assumed to be marked as not required, although
it is marked as required.

Note that this patch re-added sign_fit_norequire().
sign_fit_norequire() was removed as part of the following:
commit b008677daf ("test: vboot: Fix pylint errors").
This patch leverages sign_fit_norequire() to fix the
existing bug.

Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-12 21:30:37 -04:00
Simon Glass
3d03ab6361 log: Add a way to enable/disable a log device
At present all log devices are enabled by default. Add a function to allow
devices to be disabled or enabled at runtime.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-10-10 16:50:11 -04:00
Sean Anderson
7f0f1806e3 test: pinmux: Add test for pin muxing
This extends the pinctrl-sandbox driver to support pin muxing, and adds a
test for that behaviour. The test is done in C and not python (like the
existing tests for the pinctrl uclass) because it needs to call
pinctrl_select_state.  Another option could be to add a command that
invokes pinctrl_select_state and then test everything in
test/py/tests/test_pinmux.py.

The pinctrl-sandbox driver now mimics the way that many pinmux devices
work.  There are two groups of pins which are muxed together, as well as
four pins which are muxed individually. I have tried to test all normal
paths. However, very few error cases are explicitly checked for.

Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-10-08 11:42:36 -04:00
Pratyush Yadav
8a34d3d752 test/py: allow multi-digit index in in_tree()
When more nodes are added for a uclass the index might go into two or
more digits. This means that there are less spaces printed because they
are used up by the extra digits. Update the regular expression to allow
variable-length spacing between the class name and and index.

This was discovered when adding a simple_bus node in test.dts made
test_bind_unbind_with_uclass() fail because the index went up to 10.

Signed-off-by: Pratyush Yadav <p.yadav@ti.com>
2020-09-30 11:55:23 -04:00
Heinrich Schuchardt
185440ffc4 test: do no assume hush parser in validate_empty()
The environment variable test uses function validate_empty() to check that
a variable is not defined. If the hush parser is not enabled, we cannot
refer to a variable by $var_name but only by ${var_name}.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Stephen Warren <swarren@nvidia.com>
2020-09-12 10:53:01 -04:00
Tom Rini
8ee3a24fdc Merge branch '2020-08-24-misc-improvements'
- Squashfs compression support
- Coverity fixes
- XEN guest updates
- Finish previous MediaTek updates
- Arm Total Compute platform support
2020-08-25 08:12:05 -04:00
Joao Marcos Costa
91f6c1ca2e test/py: Add tests for LZO and ZSTD
Improve SquashFS tests architecture. Add 'Compression' class. LZO
algorithm may crash if the file is fragmented, so the fragments are
disabled when testing LZO.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Heinrich Schuchardt
2b3fbcb59f efi_loader: use ':' as separator for setenv -i
setenv -e -i <address>,<filesize> can be used to set a UEFI variable
from memory.

For separating an address and a size we use ':' in most commands.
Let's do the same for setenv -e -i.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-08-24 16:37:53 +02:00
Patrice Chotard
e37d4c4fd2 test/py: Update test_bind
As bind-test is now binded at sandbox startup and no more by
test_bind.py, bind-test nodes are not located at the end of
"dm tree" output, but can be located everywhere in the tree, so
bind-test output could either be:

 simple_bus    0  [   ]   generic_simple_bus    |-- bind-test
 phy           0  [   ]   phy_sandbox           |   |-- bind-test-child1
 simple_bus    1  [   ]   generic_simple_bus    |   `-- bind-test-child2

or:

 simple_bus    5  [   ]   generic_simple_bus    `-- bind-test
 phy           2  [   ]   phy_sandbox               |-- bind-test-child1
 simple_bus    6  [   ]   generic_simple_bus        `-- bind-test-child2

in_tree() function need to be updated to take care of that change.

Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-22 07:58:39 -06:00
Patrice Chotard
1f0d5885db sandbox: dts: Add compatible string for bind-test node
Usage of lists_bind_fdt() in bind command imposes to add
a compatible string for bind-test node.

Others impacts are:
  - bind-test node is binded at sandbox start, so no need to bind it
    in test_bind_unbind_with_node() test.
  - As explained just above, after sandbox start, now a phy exist.
    In test/dm/phy.c, it was verified that a third phy didn't exist,
    now we must verified that a fourth phy doesn't exist.

Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-22 07:58:39 -06:00
AKASHI Takahiro
0274e50e05 test/py: efi_secboot: modify 'multiple signatures' test case
The test case 5 in test_signed (multiple signatures) must be modified
and aligned with the change introduced in the previous commit
("efi_loader: signature: correct a behavior against multiple signatures").

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-08-14 12:34:33 +02:00
AKASHI Takahiro
e1174c566a test/py: efi_secboot: add test for intermediate certificates
In this test case, an image may have a signature with additional
intermediate certificates. A chain of trust will be followed and all
the certificates in the middle of chain must be verified before loading.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2020-08-13 22:37:36 +02:00