commit 789ed27842 ("test/py: replace 'tpm2 init, startup, selftest' sequences")
changed some of the tpm2 init sequences to 'tpm2 autostart' instead of
calling 'tpm init', 'tpm startup TPM2_SU_CLEAR', 'tpm2 self_test full'.
The autostart command calls the afforementioned sequence and on top of
that deals with the 'tpm2 init' return codes if the tpm is already
started. Since we initialize the tpm from various subsystems now,
replace the last remaining instances of 'tpm2 init' with 'tpm2
autostart'. Since the latter calls 'tpm2 init' anyway we will still be
implicitly testing the validity of that command
It's worth noting that since 'tpm2 autostart' performs the startup and
self tests sequences of the tpm we could drop
'test_tpm2_sandbox_self_test_full' and 'test_tpm2_startup, but let's
keep the since they test tpm commands and options
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We currently use PCR 0 for testing the PCR read/extend functionality in
our selftests. How ever those PCRs are defined by the TCG spec for
platform use. For example if the tests run *after* the efi subsystem
initialization, which extends PCRs 0 & 7 it will give a false positive.
So let's switch over to a PCR which is more suitable and is defined for
OS use. It's worth noting that we are using PCR10 here, since PCR9 is
used internally by U-Boot if we choose to measure the loaded DTB
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
U-Boot should set up the SMBIOS tables during startup, as it does on x86.
Ensure that it does this correctly on non-x86 machines too, by creating
an event spy for last-stage init.
Tidy up the installation-condition code while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Adds a command called "gpt transpose" which will swap the order two
partition table entries in the GPT partition table (but leaves them
pointing to the same locations on disk).
This can be useful for swapping bootloaders in systems that use an A/B
partitioning scheme where the bootrom is hard coded to look for the
bootloader in a specific index in the GPT partition table.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Sets the bootable flag when constructing the partition string from the
current partition configuration. This ensures that when the partitions
are written back (for example, when renaming a partition), the flag is
preserved.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
If CONFIG_PARTITION_TYPE_GUID is enabled, the type GUID will be
preserved when writing out the partition string. It was already
respected when writing out partitions; this ensures that if you capture
the current partition layout and write it back (such as when renaming),
the type GUIDs are preserved.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Adds a command that can be used to modify the GPT partition table to
indicate which partitions should have the bootable flag set
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Adds an additional variable called gpt_partition_bootable that indicates
if the given partition is bootable or not.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Very few of the existing event-spy records use the arguments they are
passed. Update them to use a simple spy instead, to simplify the code.
Where an adaptor function is currently used, remove it where possible.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the initcall list consists of a list of function pointers. Over
time the initcall lists will likely change to mostly emitting events,
since most of the calls are board- or arch-specific.
As a first step, allow an initcall to be an event type instead of a
function pointer. Add the required macro and update initcall_run_list() to
emit an event in that case, or ignore it if events are not enabled.
The bottom 8 bits of the function pointer are used to hold the event type,
with the rest being all ones. This should avoid any collision, since
initcalls should not be above 0xffffff00 in memory.
Convert misc_init_f over to use this mechanism.
Add comments to the initcall header file while we are here. Also fix up
the trace test to handle the change.
Signed-off-by: Simon Glass <sjg@chromium.org>
The current event spy is always passed the event context and the event.
The context is always NULL for a static spy. The event is not often used.
Introduce a 'simple' spy which takes no arguments. This allows us to drop
the adaptation code that many of these spy records use.
Update the event script to find these in the image.
Signed-off-by: Simon Glass <sjg@chromium.org>
The public key EFI Signature List(ESL) needed for capsule
authentication is now embedded into the platform's DTB as part of the
build. Remove the superfluous logic from the test setup.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
When running the trace test on the sandbox platform, the current size
of 16MiB is no longer large enough for capturing the entire trace
history, and results in truncation. Use a size of 32MiB for the trace
buffer on the sandbox platform while running the trace test.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Support has been added for generating the EFI capsules through
binman. Make changes in the EFI capsule update testing feature to
generate capsules through binman.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The ChromiumOS bootmeth has no tests at present. Before adding more
features. add a basic test.
This creates a disk which can be scanned by the bootmeth, so make sure
things work. It is quite rudimentary, since the kernel is faked, the root
disk is missing and there is no cmdline stored.
Enable the bootmeth for snow so it can build the unit test.
Signed-off-by: Simon Glass <sjg@chromium.org>
These are currently created in the source directory, which is not ideal.
Move them to the persistent-data directory instead. Update the test so
skip validating the filename, since it now includes a full path.
Signed-off-by: Simon Glass <sjg@chromium.org>
Tidy up this tool a little:
- define which arguments are needed
- split the enum values out into a header file
- warn if no enum values are found
- display the dtc error if something goes wrong
- avoid a Python traceback on error
Signed-off-by: Simon Glass <sjg@chromium.org>
Provide a unit test for semihosting testing reading and writing a file.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Sean Anderson <sean.anderson@seco.com>
pytest 7.3.2 treats the function name 'setup' as a fixture [1].
This leads to errors like:
TypeError: setup() missing 2 required positional arguments:
'disk_img' and 'osindications'
Rename setup() to capsule_setup().
[1] How to run tests written for nose
https://docs.pytest.org/en/7.3.x/how-to/nose.html
Fixes: 482ef90aeb ("test: efi_capsule: refactor efi_capsule test")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If test_cat and test_xxd cannot create the required file, the test will
be skipped, but this would result in an exception being raised in the
finally block because the file didn't exist to be cleaned up. This
caused the test to be marked as failed instead of skipped.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Docs describe 'make clean' to delete most generated files, 'make
mrproper' to delete current configuration and all generated files. This
test tries to assert it.
Idea is to search remaining files by patterns in copies of the initial
out-of-source build, which has two advantages:
- looking in an out-of-source build dir allows to tell generated source
code from committed source code
- copying is fast (compared to rebuilding each time) which allows to do
a "world clean"
Signed-off-by: Tobias Deiminger <tdmg@linutronix.de>
On arm64 the its we use to generate the test FIT image has
arch = "arm";
We should use "arm64" here which is mapped to IH_ARCH_ARM64 via
uimage_arch[].
Fixes: 8391f95549 ("test/py: Create a test for launching UEFI binaries from FIT images")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Currently we only read the pcr updates once on test_tpm2_pcr_read().
It turns out that the tpm init sequence of force_init() which consists
of:
- tpm2 init
- tpm2 startup TPM2_SU_CLEAR
- tpm2 self_test full
- tpm2 clear TPM2_RH_LOCKOUT
also counts as an update. Running this in the console verifies the
update bump
=> tpm2 init
=> tpm2 startup TPM2_SU_CLEAR
=> tpm2 self_test full
=> tpm pcr_read 10 $loadaddr
PCR #10 content (28 known updates):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=> tpm2 clear TPM2_RH_LOCKOUT
=> tpm pcr_read 10 $loadaddr
PCR #10 content (29 known updates):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>
With the recent changes of replacing 'tpm2 init' with 'tpm2 autostart'
we end up always running the full init. The reason is 'tpm init'
returns -EBUSY if the tpm is already open, while 'tpm autostart' handles
ths gracefully and continues with the initialization. It's worth noting
that this won't affect the device functionality at all since
retriggering the startup sequence and selftests has no side effects.
Instead of relying on the initial value, reread the 'known updates'
just before updating the PCR to ensure we read the correct values
before testing
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Instead of copy pasting the commands needed to start a TPM consisting
of:
- tpm init
- tpm startup TPM2_SU_CLEAR
- tpm2 self_test full
use the newly added 'autostart' which does the same thing and simplify
our python scripts
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This test covers the FMP versioning for both raw and FIT image,
and both signed and non-signed capsule update.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Current efi capsule python tests have much code duplication.
This commit creates the common function
in test/py/tests/test_efi_capsule/capsule_common.py,
aim to reduce the code size and improve maintainability.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Test the IPv6 network discovery feature if indicated by boardenv file.
Signed-off-by: Ehsan Mohandesi <emohandesi@linux.microsoft.com>
Reviewed-by: Viacheslav Mitrofanov <v.v.mitrofanov@yadro.com>
Requires proper environment with DHCP6 server provisioned.
Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
- Various typo fixes, pass -Werror to host tools builds, bdi cleanups,
fix hush and local variables, a FSL PCI fix and correct some python in
one of the tests.
This function uses the same base name as all the others in this file, so
it is not easy to run just that one test. Add a _base suffix so that it
can be run on its own.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Add a test for the hush shell variable assignment and clear.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Sometimes when doing tests on real hardware we sometimes run in to the
case where some of these mounts haven't been fully flushed. Using the
--lazy option with umount will allow us to continue while letting the OS
handle flushing the data out still.
Signed-off-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We cannot use old_dtb in the finally block if it has not been assigned
before the try block.
test/py/tests/test_efi_fit.py:458:30:
E0601: Using variable 'old_dtb' before assignment (used-before-assignment)
Fixes: 8391f95549 ("test/py: Create a test for launching UEFI binaries from FIT images")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Fix pylint warnings like:
* Class inherits from object
* Missing module description
* Missing class description
* First line of comment blank
* Superfluous imports
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
test_abootimg is extended to include the testing of boot images
version 4. For this, boot.img and vendor_boot.img have been
generated using mkbootimg tool with setting the header
version to 4.
This tests:
- Getting the header version using abootimg
- Extracting the load address of the dtb
- Extracting the dtb start address in RAM
Running test:
$ ./test/py/test.py --bd sandbox --build -k test_abootimg
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Mattijs Korpershoek <mkorpershoek@baylibre.com>
At present this inadvertently relies on having a symlink to the correct
file from the current directory. Use the correct path to fix this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add test_fdt_add_pubkey test which provides simple functionality test
which contains such steps:
create DTB and FIT files
add keys with fdt_add_pubkey to DTB
sign FIT image
check with fit_check_sign that keys properly added to DTB file
Signed-off-by: Roman Kopytin <Roman.Kopytin@kaspersky.com>
Signed-off-by: Ivan Mikhaylov <fr0st61te@gmail.com>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Ensure that a freshly written fat file with a lower case filename which
fits into the upper case 8.3 short filename is not mangeled with a tilde
and number.
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
We expect the profile and bootstage to agree on timing, but when
running on slow machines there can be a larger descrepency. Increase the
tolerance to fix this.
Fixes: 9cea4797ae ("trace: Add a test")
Signed-off-by: Simon Glass <sjg@chromium.org>
Test that:
- sandbox shows a warning when an unmigrated DT is used
- sandbox fails to run when migration is turned off
- sandbox_spl fails to build when migration is turned off
Signed-off-by: Simon Glass <sjg@chromium.org>