Before the capsule authentication is supported, this test script works
correctly, but with the feature enabled, most tests will fail due to
unsigned capsules.
So check the results depending on CAPSULE_AUTHENTICATE or not.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This test scenario tests a new feature of mkeficapsule, "--guid" option,
which allows us to specify FMP driver's guid explicitly at the command
line.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Since the syntax of mkeficapsule was changed in the previous commit,
we need to modify command line arguments in a pytest script.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a couple of test cases against capsule image authentication
for capsule-on-disk, where only a signed capsule file with the verified
signature will be applied to the system.
Due to the difficulty of embedding a public key (esl file) in U-Boot
binary during pytest setup time, all the keys/certificates are pre-created.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Stress the '-o algo_name' argument of mkimage by expanding the vboot
test.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Update scripts/pylint.base]
Add to support rsa 3072 bits algorithm in tools
for image sign at host side and adds rsa 3072 bits
verification in the image binary.
Add test case in vboot for sha384 with rsa3072 algorithm testing.
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
* assert does not need parentheses
* add module docstring
* fix misspelled constant True
* limit lines to 100 characters
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This test checks for output specific to the sandbox blk device
"sandbox_host_blk", mark it as sandbox specific.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
With TPM emulation enabled in u-boot-test-hooks we should also provide the
tpm2 command used for the test/py/tests/test_tpm2.py test.
One of the Python TPMv2 tests expects sandbox specific values. So disable
it on other platforms.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
At present an Exception is raised if a command fails. This is a very broad
class and makes it difficult for callers to catch the error without also
catching other things, like programming bugs.
Change it to ValueError to make this easier.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present the collection function used by pytest is quite strict on the
naming of the functions it detects. In particular it requires the name of
the test to be repeated in the function name.
This is not enforced anywhere else, but instead the tests are silently
omitted from the pytest run. This affects a few dozen tests.
The rule does not seem to have any particular purpose. Relax it, so that
all tests that use the UNIT_TEST() macro will run, regardless of the name
of the test function.
Signed-off-by: Simon Glass <sjg@chromium.org>
When running a program on the host, allow input to be passed in as stdin.
This is needed for running sfdisk, for example.
Signed-off-by: Simon Glass <sjg@chromium.org>
* there is no os.path.unlink() method
* don't inherit from object
* add module docstring
* move imports to the top
* avoid unused variable
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
* don't inherit from object
* imports should be on the top level
* avoid unused variable names
* avoid unnecessary else after raise
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present U-Boot environment variables, and thus scripts, are defined
by CONFIG_EXTRA_ENV_SETTINGS. It is painful to add large amounts of text
to this file and dealing with quoting and newlines is harder than it
should be. It would be better if we could just type the script into a
text file and have it included by U-Boot.
Add a feature that brings in a .env file associated with the board
config, if present. To use it, create a file in a board/<vendor>
directory, typically called <board>.env and controlled by the
CONFIG_ENV_SOURCE_FILE option.
The environment variables should be of the form "var=value". Values can
extend to multiple lines. See the README under 'Environment Variables:'
for more information and an example.
In many cases environment variables need access to the U-Boot CONFIG
variables to select different options. Enable this so that the environment
scripts can be as useful as the ones currently in the board config files.
This uses the C preprocessor, means that comments can be included in the
environment using /* ... */
Also support += to allow variables to be appended to. This is needed when
using the preprocessor.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Tested-by: Marek Behún <marek.behun@nic.cz>
When a test hands on a real board there is no way on the console to obtain
any information about why it hung.
With sandbox we can actually find out that it died and get a signal or
exit code. Add this to make it easier to figure out what happened.
So instead of:
test/py/u_boot_spawn.py:171: in expect
c = os.read(self.fd, 1024).decode(errors='replace')
E OSError: [Errno 5] Input/output error
We get:
test/py/u_boot_spawn.py:171: in expect
c = os.read(self.fd, 1024).decode(errors='replace')
E ValueError: U-Boot exited with signal 11 (Signals.SIGSEGV)
Signed-off-by: Simon Glass <sjg@chromium.org>
This produces a lot of code output which is not very helpful and is quite
annoying to wade through. Use the short format by default.
Signed-off-by: Simon Glass <sjg@chromium.org>
- Disable bi_boot_params for STM32 MCU and MPU boards
- Update stm32-usbphyc node management
- Convert CONFIG_STM32_FLASH to Kconfig for STM32 MCU boards
- Convert some USB config flags to Kconfig for various boards
- Convert CONFIG_BOOTCOMMAND flag to Kconfig for STM32 F429 board
- Remove specific CONFIG_STV0991 flags
- Remove unused CONFIG_USER_LOWLEVEL_INIT flag
- Add ofdata_to_platdata() callback for stm32_spi driver
- Update for stm32f7_i2c driver
- Remove gpio_hog_probe_all() from STM32 MP1 board
- Fix bind command
-----BEGIN PGP SIGNATURE-----
iQJQBAABCgA6FiEEXyrViUccKBz9c35Jysd4L3sz/6YFAmFlgsIcHHBhdHJpY2Uu
Y2hvdGFyZEBmb3NzLnN0LmNvbQAKCRDKx3gvezP/plnND/4q9HSlvddybIPjBHlW
rXz1ISwj8JZPp7R4MJcB4RiHofYZzjTXx3dDYUif6oQMpCDp64KPfcUDW0kaq8U7
ZFwJvt59boV1XWlonIXMb3gAkY6gFa5PnYAE/YXEqKvPPvUb7FkT7BWxm4LxCGsj
mEmboR8u87s6e4ZP03HJsSVa5FnNwJUZU8b+58Vxp10YC0PPf7kpmgCucDhrghvY
TORlk259KUFoZXz4J4My0VzDdxE05gDqq1m6Xw1CzqcUbGysMvjNEHlxGdYbWD/U
maamP19DUmKUREmpj3kO/JZvacLJlQP/mdGJ0OWKNbIr/3ha4dYagxDoRodEVo0m
DYaaVPGvG24G78d5meB2q9wT0aGdTyaqm+XRBQMvMN2LlaGmu9duA1t6yBuyMcFk
BeA7d0eHMo1ezD9FFZMxwIOAWhJlcYQEAMFhUwkR1B322w0NU4nbl9KRCGuGV2Zp
ZFQV4BoMvb0NwAdo66xwZ+gSq4Wp1y46VM6x2Mw52v2F4p3teeAqR906TdQVYO8+
hlYChO9+qK4JO7LPX/5wQ4FIzcq1HnTzTpuOSf28hsemiPMu0OkAQv1J7DohNZix
wELBA+ZIjGXksmDTPjpXg5CSvVALa/l2G816hp7/XTJ1XRBSz/pzjhp5rwm42zmw
x7EPnwzpAlQCSqTQ0sgO+fgoRA==
=S4kl
-----END PGP SIGNATURE-----
Merge tag 'u-boot-stm32-20211012' of https://source.denx.de/u-boot/custodians/u-boot-stm
- Disable ATAGS for STM32 MCU and MPU boards
- Disable bi_boot_params for STM32 MCU and MPU boards
- Update stm32-usbphyc node management
- Convert CONFIG_STM32_FLASH to Kconfig for STM32 MCU boards
- Convert some USB config flags to Kconfig for various boards
- Convert CONFIG_BOOTCOMMAND flag to Kconfig for STM32 F429 board
- Remove specific CONFIG_STV0991 flags
- Remove unused CONFIG_USER_LOWLEVEL_INIT flag
- Add ofdata_to_platdata() callback for stm32_spi driver
- Update for stm32f7_i2c driver
- Remove gpio_hog_probe_all() from STM32 MP1 board
- Fix bind command
Signed-off-by: Tom Rini <trini@konsulko.com>
These tests currently run in a particular sequence, with some of them
depending on the actions of earlier tests.
Add a check for sandbox and reset to a known state at the start of each
test, so that all tests can run in parallel.
Signed-off-by: Simon Glass <sjg@chromium.org>
The -z tests don't really need to be part of the main set. Separate them
out so we can drop the test setup/cleans functions and thus run all tests
in parallel.
Signed-off-by: Simon Glass <sjg@chromium.org>
Update the tests to use separate working directories, so we can run them
in parallel. It also makes it possible to see the individual output files
after the tests have completed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Target code and mkimage share the same hashing infrastructure. If one
is wrong, it's very likely that both are wrong in the same way. Thus
testing won't catch hash regressions. This already happened in
commit 92055e138f ("image: Drop if/elseif hash selection in
calculate_hash()"). None of the tests caught that CRC32 was broken.
Instead of testing hash_calculate() against itself, create a FIT with
containing a kernel with pre-calculated hashes. Then check the hashes
produced against the known good hashes.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tpm test cases relies on tpm device setup. Provide an environment
variable "env__tpm_device_test_skip = True" to skip the test case
if tpm device is not present.
Only needed will have to add variable to the py-test framework.
Test runs successfully even this variable is absent.
Signed-off-by: T Karthik Reddy <t.karthik.reddy@xilinx.com>
Signed-off-by: Ashok Reddy Soma <ashok.reddy.soma@xilinx.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
It is fairly easy to handle this case and it makes the emulator more
useful, since PCRs are commonly extended several times.
Add support for this, using U-Boot's sha256 support.
For now sandbox only supports a single PCR, but that is enough for the
tests that currently exist.
Signed-off-by: Simon Glass <sjg@chromium.org>
Some builds of squashfs-tools append version string with "-git" or
similar. The float() conversion will fail in this case.
Improve the code to only convert to float() the string before the '-'
character.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
After the commit c70f44817d ("efi_loader: simplify 'printenv -e'"),
"-all" option is no longer necessary.
Just remove them in the test script.
Fixes: c70f44817d ("efi_loader: simplify 'printenv -e'")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Update the result of do_status and always returns a CMD_RET_ value
(-ENOSYS was a possible result of show_pinmux).
This patch also adds pincontrol name in error messages (dev->name)
and treats correctly the status sub command when pin-controller device is
not selected.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add more details to test cases by comparing each expected line with the
command's output. Add new test cases:
- sqfsls at an empty directory
- sqfsls at a sub-directory
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Joao Marcos Costa <jmcosta944@gmail.com>
The previous strategy to know if a file was correctly loaded was to
check for how many bytes were read and compare it against the file's
original size. Since this is not a good solution, replace it by
comparing the checksum of the loaded bytes against the original file's
checksum. Add more test cases: files at a sub-directory and non-existent
file.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Joao Marcos Costa <jmcosta944@gmail.com>
Remove the previous OOP approach, which was confusing and incomplete.
Add more test cases by making SquashFS images with various options,
concerning file fragmentation and its compression. Add comments to
properly document the code.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Joao Marcos Costa <jmcosta944@gmail.com>
Some filesystem tests are failing when their image is prepared with
guestmount, but succeeding if loop mounts are used instead. The reason
seems to be a race condition the guestmount(1) manual page explains:
When guestunmount(1)/fusermount(1) exits, guestmount may still be
running and cleaning up the mountpoint. The disk image will not be
fully finalized.
This means that scripts like the following have a nasty race condition:
guestmount -a disk.img -i /mnt
# copy things into /mnt
guestunmount /mnt
# immediately try to use 'disk.img' ** UNSAFE **
The solution is to use the --pid-file option to write the guestmount
PID to a file, then after guestunmount spin waiting for this PID to
exit.
The Python standard library has an os.waitpid() function for waiting a
child to terminate, but it cannot wait on non-child processes. Implement
a utility function that can do this by polling the process repeatedly
for a given duration, optionally killing the process if it won't
terminate on its own. Apply the suggested solution with this utility
function, which makes the failing tests succeed again.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
If guestmount isn't available on the system, filesystem test setup falls
back to using loop mounts to prepare its disk images. If guestmount is
available but fails to work, the tests are immediately skipped. Instead
of giving up on a guestmount failure, try using loop mounts as an
attempt to keep tests running.
Also stop checking if guestmount is in PATH, as trying to run a missing
guestmount can now follow the same failure codepath and fall back to
loop mounts anyway.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
On some distributions the mkfs is under /sbin and /sbin is not set
for mere users. Include /sbin to the PATH when creating file system,
so that users won't get a scary traceback from Python.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Commit 1ba21bb06b ("test: Don't unmount not (yet) mounted system")
fixes an issue in the filesystem tests where the test setup may fail
to mount an image and still attempt to unmount it. However, the commit
unintentionally breaks the test setups in two ways.
The newly created unmounted filesystem images are being immediately
deleted due to some cleanup steps being misplaced into finally blocks,
which makes them always run instead of only on failures. The mount calls
always fail since the images never exist, causing the tests to be always
skipped. This patch moves these cleanup calls into the except blocks to
fix this and makes the tests run again.
There are also unmount calls misplaced into finally blocks, making them
run after the tests instead of before the tests. These unmount calls
make the filesystem image file consistent with the changes made to it as
part of the test setup, and this misplacement is making a number of
tests fail unexpectedly.
The unmount calls must be run before the tests use the image, meaning
before the yield call and not in the finally block. They must also be
run as a cleanup step when the filesystem setup fails, so they can't be
placed as the final call in the try blocks since they would be skipped
on such failures. For these reasons, this patch places the unmount calls
both in the except blocks and the else blocks of the final setup step.
This makes the unexpectedly failing tests to succeed again.
Furthermore, this isolates the mount calls to their own try-except
statement to avoid reintroducing the original issue of unmounting a
not-mounted image while fixing the unmount misplacement.
After these fixes, running "make tests" with guestmount available results
in two test failures not related to the mentioned commit. If the
guestmount executables are unavailable, the mounts fallback to using
sudo and result in no failures.
Fixes: 1ba21bb06b ("test: Don't unmount not (yet) mounted system")
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Improve the regular expression that matches unittest symbols in
u-boot.sym.
Currently we do not enforce no prefix in symbol string, but with the
soon to come change in linker lists declaring lists and entries with the
__ADDRESSABLE macro (because of LTO), the symbol file will contain for
every symbol of the form
_u_boot_list_2_ut_X_2_Y
also symbol
__UNIQUE_ID___addressable__u_boot_list_2_ut_X_2_YN,
(where N at the end is some number).
In order to avoid matching these additional symbols, ensure that the
character before "_u_boot_list_2_ut" is not a symbol name character.
Signed-off-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit extends the sandbox to implement a dummy
extension_board_scan() function and enables the extension command in
the sandbox configuration. It then adds a test that checks the proper
functionality of the extension command by applying two Device Tree
overlays to the sandbox Device Tree.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
[trini: Limit to running on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Bump our py version to 1.10.0 to address CVE-2020-29651.
Reported-by: GitHub dependabot
Reported-by: Ley Foon Tan <ley.foon.tan@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
commit cbea241e935e("efidebug: add multiple device path instances on Boot####")
slightly tweaked the efidebug syntax adding -b, -i and -s for the boot
image, initrd and optional data.
The pytests using this command were adapted as well. However I completely
missed the last "" argument, which at the time indicated the optional data
and needed conversion as well. This patch is adding the missing -s flag
and the tests are back to normal.
Fixes: cbea241e935e("efidebug: add multiple device path instances on Boot####")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviwed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add support for stack protector for UBOOT, SPL, and TPL
as well as new pytest for stackprotector
Signed-off-by: Joel Peshkin <joel.peshkin@broadcom.com>
Adjust UEFI build flags.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Originally, the ECDSA code path used 'keydir' as the key filename.
mkimage has since been updated to include a new 'keyfile' argument.
Use the new argument for passing in the key.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a test to make sure that the ECDSA signatures generated by
mkimage can be verified successfully. pyCryptodomex was chosen as the
crypto library because it integrates much better with python code.
Using openssl would have been unnecessarily painful.
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
We wish to use pycryptodomex to verify code paths involving ECDSA
signatures. Add it to requirements.txt so that they get picked up
automatically .gitlab and .azure tasks
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
A sandbox driver and test are added for the qfw uclass, and a test in
QEMU added for qfw functionality to confirm it doesn't break in real
world use.
Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The latest versions of pygit2 are not available in practically any
distribution at this time. Furthermore, we don't need the latest in
order to run all of our testsuites. Reduce this version requirement to
something older that meets our needs while still supporting running our
tests on older hosts (and so, test labs).
Reported-by: Tom Warren <twarren@nvidia.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
When test suite tries to create a file for a new filesystem test case and fails,
the clean up of the exception tries to unmount the image, that has not yet been
mounted. When it happens, the fuse_mounted global variable is set to False and
inconveniently the test case tries to use sudo, so without this change the
admin of the machine gets an (annoying) email:
Subject: *** SECURITY information for example.com ***
example.com : Feb 5 19:43:47 : ... COMMAND=/bin/umount .../build-sandbox/persistent-data/mnt
and second run of the test cases on uncleaned build folder will ask for sudo
which is not what expected.
Besides that there is a double unmount calls during successfully run test case.
All of these due to over engineered Python try-except clause and people didn't
get it properly at all. The rule of thumb is that don't use more keywords than
try-except in the exception handling code. Nevertheless, here we adjust code
to be less intrusive to the initial logic behind that complex and unclear
constructions in the test case, although it adds a lot of lines of the code,
i.e. splits one exception handler to three, so on each step we know what
cleanup shall perform.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit slightly extends test_efi_capsule_fw3.
In order to run the test the following must be added to
sandbox_defconfig:
+CONFIG_CMD_SF=y
+CONFIG_CMD_MEMORY=y
+CONFIG_CMD_FAT=y
+CONFIG_DFU=y
The ESRT is printed in the u-boot shell by calling efidebug esrt.
The test ensures that, after the capsule is installed, the ESRT
contains entries with the GUIDs:
- EFI_FIRMWARE_IMAGE_TYPE_UBOOT_FIT_GUID;
- EFI_FIRMWARE_IMAGE_TYPE_UBOOT_RAW_GUID;
test invocation:
sudo ./test/py/test.py --bd sandbox -k capsule_fw3 -l --build
CC: Heinrich Schuchardt <xypron.glpk@gmx.de>
CC: Sughosh Ganu <sughosh.ganu@linaro.org>
CC: AKASHI Takahiro <takahiro.akashi@linaro.org>
CC: Ilias Apalodimas <ilias.apalodimas@linaro.org>
CC: Andre Przywara <andre.przywara@arm.com>
CC: Alexander Graf <agraf@csgraf.de>
CC: nd@arm.com
Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The UEFI spec allows a packed array of UEFI device paths in the
FilePathList[] of an EFI_LOAD_OPTION. The first file path must
describe the loaded image but the rest are OS specific.
Previous patches parse the device path and try to use the second
member of the array as an initrd. So let's modify efidebug slightly
and install the second file described in the command line as the
initrd device path.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
On some distributions the mkfs.ext4 is under /sbin and /sbin is not set
for mere users. Include /sbin to the PATH when creating ext4 disk image,
so that users won't get a scary traceback from Python.
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present each test suite has its own portion of the linker_list section
of the image, but other lists are interspersed. This makes it hard to
enumerate all the available tests without knowing the suites that each one
is in.
Place all tests together in a single contiguous list by giving them
common prefix not used elsewhere in U-Boot. This makes it possible to find
the start and end of all tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Up to now the EFI capsule Python tests were always skipped. The reason is
that mkimage fails with:
uboot_bin_env.its:13.21-23.5: Warning (unit_address_vs_reg):
/images/u-boot-bin@100000: node has a unit name, but no reg property
uboot_bin_env.its:24.21-34.5: Warning (unit_address_vs_reg):
/images/u-boot-env@150000: node has a unit name, but no reg property
If a unit in a device-tree has an address, a reg property must be provided.
But adding a reg property is not the solution here.
Since 2017 unit addresses are disallowed for FIT,
cf. common/image-fit.c:1624.
So remove the unit addresses in uboot_bin_env.its.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add pygit2 and pyelftools to the list of packages for virtualenv
needed to run all sets of pytests.This fixes warnings like:
binman.elf_test.TestElf.testDecodeElf (subunit.RemotedTestCase):
Python elftools not available
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Using unit addresses in a FIT is a security risk. Add a check for this
and disallow it.
CVE-2021-27138
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
It is possible to construct a devicetree blob with multiple root nodes.
Update fdt_check_full() to check for this, along with a root node with an
invalid name.
CVE-2021-27097
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Add tests to check that these two attacks are mitigated by recent patches.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
Add a library which performs two different attacks on a FIT.
Signed-off-by: Julien Lenoir <julien.lenoir@intel.com>
Signed-off-by: Bruce Monroe <bruce.monroe@intel.com>
Signed-off-by: Arie Haenel <arie.haenel@intel.com>
Signed-off-by: Simon Glass <sjg@chromium.org>
When searching for a node called 'fred', any unit address appended to the
name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This
means that we cannot be sure that the node originally intended is the one
that is used.
Disallow use of nodes with unit addresses.
Update the forge test also, since it uses @ addresses.
CVE-2021-27138
Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
The implementation of pytest_runtest_protocol() must call
pytest_runtest_logstart() and pytest_runtest_logfinish(). This appears to
be necessary even in pytest 5.2.1 judging by the default version of
pytest_runtest_protocol(), but evidently some form of code reorganization
in pytest only made this have a practical effect in the newer version. I'd
previously been under the impression that 100% of the required work of
pytest_runtest_protocol() was handled by the fact it called
runtestprotocol() as its implementation. However, it appears that custom
implementations do need to do a little more than this.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Stephen Warren <swarren@wwwdotorg.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
As noted in comments, yield_fixture has been deprecated for longer than
our minimum required version of pytest. Newer versions of pytest cause
this to be a louder warning, and as the migration is trivial, perform it
now.
Signed-off-by: Tom Rini <trini@konsulko.com>
With Pytest 6.0.2 'make tests' fails:
sandbox: Traceback (most recent call last):
File "./test/py/test.py", line 20, in <module>
sys.exit(load_entry_point('pytest', 'console_scripts', 'pytest')(args))
TypeError: console_main() takes 0 positional arguments but 1 was given
The definition of console_scripts has changed as follows:
Pytest 4.6.1:
[options.entry_points]
console_scripts =
pytest=pytest:main
py.test=pytest:main
Pytest 6.0.2:
[options.entry_points]
console_scripts =
pytest=pytest:console_main
py.test=pytest:console_main
The new function console_main() has a comment:
"This function is not meant for programmable use; use `main()`"
Hence let's call pytest.main() directly.
Move args processing into the __main__ paragraph.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Tested-by: Tom Rini <trini@konsulko.com>
Convert test/py/README.md to restructured text and add it to the generated
HTML documentation.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add test for dropped trace before log_init, displayed by debug uart.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The spl-test4 node deliberately has an invalid compatible string. This
causes a warning from dtoc and the check it does is not really necessary.
Drop it, to avoid the warning and associated confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Test that an exception SIGILL is answered by a reset on the sandbox if
CONFIG_SANDBOX_CRASH_RESET=y or by exiting to the OS otherwise.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
The test can run on sandbox build and it attempts to execute a firmware
update via a capsule-on-disk, using a raw image capsule,
CONFIG_EFI_CAPSULE_RAW.
To run this test successfully, you need configure U-Boot specifically;
See test_capsule_firmware.py for requirements, and hence it won't run
on Travis CI, at least, for now.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
The test can run on sandbox build and it attempts to execute a firmware
update via a capsule-on-disk, using a FIT image capsule,
CONFIG_EFI_CAPSULE_FIT.
To run this test successfully, you need configure U-Boot specifically;
See test_capsule_firmware.py for requirements, and hence it won't run
on Travis CI, at least, for now.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
It is the 'poweroff' and not the 'reset' command that should shut down the
sandbox.
Adjust the unit test accordingly
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
When rebasing this series I had to renumber all my log tests because
someone made another log test in the meantime. This involved updaing a
number in several places (C and python), and it wasn't checked by the
compiler. So I though "how hard could it be to just rewrite in C?" And
though it wasn't hard, it *was* tedious. Tests are numbered the same as
before to allow for easier review.
A note that if a test fails, everything after it will probably also fail.
This is because that test won't clean up its filters. There's no easy way
to do the cleanup, except perhaps removing all filters in a wrapper
function.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
At present an integer is converted to bytes incorrectly. The whole 32-bit
integer is inserted as the first element of the byte array, and the other
three bytes are skipped. This was not noticed because the unit test did
not check it, and the functional test was checking for wrong values.
Update the code to handle this as a special case. Add one more test to
cover all code paths.
Signed-off-by: Simon Glass <sjg@chromium.org>
do_save() function defined in fs.c also supports FAT file system
re-use the same for fatwrite command.
Also fix the FAT test script to match the expected output.
Signed-off-by: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
Reviewed-by: Biju Das <biju.das.jz@bp.renesas.com>
To make the button command useful in a shell script it should return the
status of the button:
* 0 (true) - pressed, on
* 1 (false) - not pressed, off
The button command takes only one argument. Correct maxargs.
Adjust the Python unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
Using different strings for the device tree node labels and the label
property of buttons sharpens the button label unit test.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Philippe Reynes <philippe.reynes@softathome.com>
Add PStore command to sandbox and sandbox64 defconfigs.
Add test checking:
- 'pstore display' of all records
- 'pstore display' only the 2nd dump record
- 'pstore save' of all records
Signed-off-by: Frédéric Danis <frederic.danis@collabora.com>
[trini: Adjust to always load files from source directory]
Signed-off-by: Tom Rini <trini@konsulko.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Wolfgang Denk <wd@denx.de>
Cc: Heiko Schocher <hs@denx.de>
This patch adds vboot tests to verify the support for multiple
required keys using new required-mode DTB policy.
This patch also fixes existing test where dev
key is assumed to be marked as not required, although
it is marked as required.
Note that this patch re-added sign_fit_norequire().
sign_fit_norequire() was removed as part of the following:
commit b008677daf ("test: vboot: Fix pylint errors").
This patch leverages sign_fit_norequire() to fix the
existing bug.
Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
At present all log devices are enabled by default. Add a function to allow
devices to be disabled or enabled at runtime.
Signed-off-by: Simon Glass <sjg@chromium.org>
This extends the pinctrl-sandbox driver to support pin muxing, and adds a
test for that behaviour. The test is done in C and not python (like the
existing tests for the pinctrl uclass) because it needs to call
pinctrl_select_state. Another option could be to add a command that
invokes pinctrl_select_state and then test everything in
test/py/tests/test_pinmux.py.
The pinctrl-sandbox driver now mimics the way that many pinmux devices
work. There are two groups of pins which are muxed together, as well as
four pins which are muxed individually. I have tried to test all normal
paths. However, very few error cases are explicitly checked for.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When more nodes are added for a uclass the index might go into two or
more digits. This means that there are less spaces printed because they
are used up by the extra digits. Update the regular expression to allow
variable-length spacing between the class name and and index.
This was discovered when adding a simple_bus node in test.dts made
test_bind_unbind_with_uclass() fail because the index went up to 10.
Signed-off-by: Pratyush Yadav <p.yadav@ti.com>
The environment variable test uses function validate_empty() to check that
a variable is not defined. If the hush parser is not enabled, we cannot
refer to a variable by $var_name but only by ${var_name}.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Stephen Warren <swarren@nvidia.com>
Improve SquashFS tests architecture. Add 'Compression' class. LZO
algorithm may crash if the file is fragmented, so the fragments are
disabled when testing LZO.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
setenv -e -i <address>,<filesize> can be used to set a UEFI variable
from memory.
For separating an address and a size we use ':' in most commands.
Let's do the same for setenv -e -i.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
As bind-test is now binded at sandbox startup and no more by
test_bind.py, bind-test nodes are not located at the end of
"dm tree" output, but can be located everywhere in the tree, so
bind-test output could either be:
simple_bus 0 [ ] generic_simple_bus |-- bind-test
phy 0 [ ] phy_sandbox | |-- bind-test-child1
simple_bus 1 [ ] generic_simple_bus | `-- bind-test-child2
or:
simple_bus 5 [ ] generic_simple_bus `-- bind-test
phy 2 [ ] phy_sandbox |-- bind-test-child1
simple_bus 6 [ ] generic_simple_bus `-- bind-test-child2
in_tree() function need to be updated to take care of that change.
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Usage of lists_bind_fdt() in bind command imposes to add
a compatible string for bind-test node.
Others impacts are:
- bind-test node is binded at sandbox start, so no need to bind it
in test_bind_unbind_with_node() test.
- As explained just above, after sandbox start, now a phy exist.
In test/dm/phy.c, it was verified that a third phy didn't exist,
now we must verified that a fourth phy doesn't exist.
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
The test case 5 in test_signed (multiple signatures) must be modified
and aligned with the change introduced in the previous commit
("efi_loader: signature: correct a behavior against multiple signatures").
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
In this test case, an image may have a signature with additional
intermediate certificates. A chain of trust will be followed and all
the certificates in the middle of chain must be verified before loading.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
It won't be very useful to customize HELLO_PATH and EFI_SECBOOT_IMAGE_NAME
under the current code base. So just remove them.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Use "cons.config.build_dir" instead of writing to the source directory
(read-only). This will fix the test failures in Azure.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
On some devices the environment variable serial# cannot be overwritten.
Set the variable only if it is not set.
For our unit test it is sufficient to test if any value for serial-number
is set.
Fixes: 8a5cdf601f ("test: efi_selftest: Do not force serial# setting")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The hush parser not enabled for some boards, e.g.
sipeed_maix_bitm_defconfig.
With CONFIG_HUSH_PARSER=n a double quotation mark is not interpreted as the
beginning of a string. Use a single quotation mark instead.
Furthermore without the hush parser variables have to be referenced as
${varname}. Add the missing braces.
Reported-by: Sean Anderson <seanga2@gmail.com>
Fixes: 8b86c609b8 ("test/py: add test of basic shell functionality")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Modify various test/py filesystem creation routines to support systems
that don't implement the metadata_csum ext4 feature.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Add Python scripts to test 'ls' and 'load' commands. The scripts
generate a SquashFS image and clean the directory after the assertions,
or if an exception is raised.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Current pytest only support upto 2 stage boot;
Some boards like TI K3 am6/J7 boards use 3 stage
boot. This patch adds u_boot_spl2 to be able to
handle the 3-stage boot case. User needs to set
"env__spl2_skipped" in u_boot_boardenv config
file to use this support. By default it is set
to TRUE.
Signed-off-by: Yan Liu <yan-liu@ti.com>
Signed-off-by: Yan Liu <yan-liu@ti.com>
Add basic test to persistent environment in ext4:
save and load in host ext4 file 'uboot.env'.
On first execution an empty EXT4 file system is created in
persistent data dir: env.ext4.img.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
As part of the EFI self test we set and check the serial# variable.
However, we should not be forcing this setting. In the case where we
are allowed to change the variable it will change, and we will pass the
test. In the case where we cannot change it, force may or may not be
allowed, depending on further environment restrictions. Drop the -f
flag here as we do not need it.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
In our tests we should use the customized prompt for testing.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Tom Rini <trini@konsulko.com>
Add a pytest for testing the env info sub-command:
test_env_info: test command with several option that
can be executed on real hardware device without assumption
test_env_info_sandbox: test the result on sandbox
with a known ENV configuration: ready & default & persistent
The quiet option '-q' is used for support in shell test;
for example:
if env info -p -d -q; then env save; fi
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
This is a fixup by autopep8 after the commit ("test/py: efi_secboot:
apply autopep8").
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
'tool_is_in_path' function is no longer used anywhere after Heinrich
has removed 'sudo' version of fixture setup.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Log messages of the bootefi command instead of simply printing them to the
console.
Do not show "## Application terminated" message when the UEFI binary
completed successfully.
Adjust the python tests testing for '## Application terminated'.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Skip messages should only be written if the setup is not suitable for
testing.
If DHCP is enabled, we should not write a skip message if no static network
configuration is supplied.
Likewise if a static network configuration is supplied, we should not write
a skip message if DHCP is not enabled.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signature database (db or dbx) may have not only certificates that contain
a public key for RSA decryption, but also digests of signed images.
In this test case, if database has an image's digest (EFI_CERT_SHA256_GUID)
and if the value matches to a hash value calculated from image's binary,
authentication should pass in case of db, and fail in case of dbx.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Use defined time stamps for sign-efi-sig-list.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In this test case, an image is signed multiple times with different
keys. If any of signatures contained is not verified, the whole
authentication check should fail.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Provide a defined time stamp for dbx_hash1.auth.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Revocation database (dbx) may have not only certificates, but also
message digests of certificates with revocation time
(EFI_CERT_X509_SHA256_GUILD).
In this test case, if the database has such a digest and if the value
matches to a certificate that created a given image's signature,
authentication should fail.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Set defined time stamp for dbx_hash.auth.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Split the existing test case-1 into case1 and a new case-2:
case-1 for non-SecureBoot mode; case-2 for SecureBoot mode.
In addition, one corner case is added to case-2; a image is signed
but a corresponding certificate is not yet installed in "db."
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Python's autopep8 can automatically correct some of warnings from pylint
and rewrite the code in a pretty print format. So just do it.
Suggested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
When using OF_PLATDATA, the bind process between devices and drivers
is performed trying to match compatible string with driver names.
However driver names are not strictly defined, and also there are different
names used when declaring a driver with U_BOOT_DRIVER, the name of the
symbol used in the linker list and the used in the struct driver_info.
In order to make things a bit more clear, rename the drivers names. This
will also help for further OF_PLATDATA improvements, such as checking
for valid driver names.
Signed-off-by: Walter Lozano <walter.lozano@collabora.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add a fix for sandbox of-platdata to avoid using an invalid ANSI colour:
Signed-off-by: Simon Glass <sjg@chromium.org>
The name of the function emitting a log message may be of interest for a
developer but is distracting for normal users. See the example below:
try_load_entry() Booting: Debian
Make the default format for log messages customizable. By default show
only the message text.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
make the sleep time and the margin configurable.
Signed-off-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Add a command to print a list of available block device drivers,
and for each, the list of known block devices.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Renamed dm "drivers" subcommand to "compat" (as it listed
compatibility strings) and prevent it from segfaulting when
drivers have no of_match populated.
Added a new "drivers" subcommand to dump a list of all known DM
drivers and for each, their uclass id, uclass driver and names of
attached devices.
Added a new "static" subcommand to dump a list of DM drivers with
statically defined platform data.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Cc: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Added command "fstypes" to list supported/included filesystems.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Limit to sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Add a subcommand "types" to the part command, which lists the supported
partition table types.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
A time authenticated variable cannot be overwritten with another value
with the same time stamp. So we must ensure the correct sequence of time
stamps when generating out test data.
Using parameter -t for sign-efi-sig-list gives reproducible results and
avoids sleep statements.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
In the test case (1g) of test_authvar, "db" is mistakenly used,
and it ends up being the exact same as (1f).
So correct it as "dbx" test case.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Currently, we don't use any regular expression in matching outputs from
U-Boot. Since its use is just redundant, we can remove all.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
test_efi_fit tests fail on RISC-V currently. This is due to the
RISC-V arch_fixup_fdt() checks the #size-cells of the root node
in order to correctly fix up the reserved memory node.
Per the DT binding, the /reserved-memory node requires both
<#address-cells> and <#size-cells> and they should use the same
values as the root node. For the root node, it's not very useful
if <#size-cells> is zero.
Update #size-cells to 1 so tests can pass.
Signed-off-by: Bin Meng <bin.meng@windriver.com>
When building U-Boot we should not blindly use make -j8 but consider the
actual core count given by os.cpu_count().
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Stephen Warren <swarren@nvidia.com>
Strict naming conventions have to be followed for Python function
generate_ut_subtest() to collect C unit tests to be executed via
command 'ut'.
Describe the requirements both on the C as well on the Python side.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When setting up the console via function efi_console_register() we call
query_console_serial(). This functions sends an escape sequence to the
terminal to query the display size. The response is another escape
sequence.
console.run_command_list() is looking for a regular expression '^==>'.
If the escape sequence for the screen size precedes the prompt without a
line break, no match is found.
When efi_disk_register() is called before efi_console_register() this leads
to a test failuere of the UEFI secure boot tests.
We can avoid the problem if the first UEFI command passed to
u_boot_console.run_command_list() produces output. This patch achieves this
by appending '; echo' to the first UEFI related command of the problematic
tests.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
The pytest vboot does all his tests on fit without padding.
We add the same tests on fit with padding.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
If udisksctl is present
test/py/tests/test_efi_secboot/conftest.py
fails because the disk image is never mounted.
Normal users can only mount fuse file systems. Unfortunately fusefat is
still in an experimental state and seems not to work here correctly.
So as we have to be root or use the sudo command anyway delete all coding
referring to udisksctl.
--
We should not use mount point /mnt as this directory or one of its
sub-directories might already be in use as active mount points. Instead
create a new directory in the build root as mount point.
--
Remove debug print statements that have been commented out. print without
parentheses is anyway invalid in Python 3. And pytest anyway filters out
the output if there is no exception reported.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
For non-root users mkfs.vfat is not in the search path at least on Debian.
Hence when running 'make tests' a message indicates that file system tests
have been skipped:
SKIPPED [13] test/py/tests/test_fs/conftest.py:340: Setup failed for
filesystem: fat16
This message is not really helpful as the executed program is not
indicated. Provide a more complete message like
SKIPPED [13] test/py/tests/test_fs/conftest.py:340: Setup failed for
filesystem: fat16.
Command 'mkfs.vfat -F 16 build-sandbox/persistent-data/3GB.fat16.img'
returned non-zero exit status 127.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add a simple pincontrol associated to the sandbox gpio driver,
that allows to check pin configuration with the command pinmux.
The pinmux test is also updated to test behavior with 2 pincontrols.
Example to check LED pin configuration:
=> pinmux list
| Device | Driver | Parent
| pinctrl-gpio | sandbox_pinctrl_gpio | root_driver
| pinctrl | sandbox_pinctrl | root_driver
=> pinmux dev pinctrl-gpio
=> pinmux status
a0 : gpio input .
a1 : gpio input .
a2 : gpio input .
a3 : gpio input .
a4 : gpio input .
a5 : gpio output .
a6 : gpio output .
...
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Add test for "pins" configuration in gpio uclass with set_state() ops
and test for generic parsing of pinconf_param array).
set_state() is called by:
- pinctrl_generic_set_state
|- pinctrl_generic_set_state_subnode
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Provide test cases for
* image authentication for signed images
(test_efi_secboot/test_signed.py)
* image authentication for unsigned images
(test_efi_secboot/test_unsigned.py)
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
A fixture for UEFI secure boot tests (image authentication and variable
authentication) is defined. A small file system with test data in a single
partition formatted in fat is created.
This test requires efitools v1.5.2 or later. If the system's efitools
is older, you have to build it on your own and define EFITOOLS_PATH.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Pull in changes that have been pending in our 'next' branch. This
includes:
- A large number of CI improvements including moving to gcc-9.2 for all
platforms.
- amlogic, xilinx, stm32, TI SoC updates
- USB and i2c subsystem updtaes
- Re-sync Kbuild/etc logic with v4.19 of the Linux kernel.
- RSA key handling improvements
It is a pain to have to set the CROSS_COMPILE environment variable when
using test.py's --build option. It is possible to get this using the -A
option from buildman. But it seems better to just use buildman to do the
build when it is available.
However using buildman adds a new dependency to the test system which we
want to avoid. So leave the default as is and add a flag to make it use
buildman.
Note that most of these changes relate to test.py and the parts of the
travis/gitlab/azure scripts which relate to running test and building a
suitable U-Boot to run the tests on.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Add a test for the dm drivers command. Also fix a null pointer dereference
revealed by said test.
Signed-off-by: Sean Anderson <seanga2@gmail.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This test is actually made up of five separate tests. Split them out so
that they appear as separate tests.
Unfortunately this restarts U-Boot multiple times which adds about a
second to the already-long vboot test, about 8 seconds total on my
machine. We could add a special 'teardown' test afterwards but if the
tests are executed out of order that would not work.
Changing test_vboot into a class causes it not to be discovered and makes
it different from all other tests.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a check to make sure that it is not possible to add a new
configuration and use the hashed nodes and hash of another configuration.
Signed-off-by: Simon Glass <sjg@chromium.org>
With CONFIG_OF_CONTROL environment variable $fdtcontroladdr is not defined
and test_efi_grub_net() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
With CONFIG_OF_CONTROL environment variable $fdtcontroladdr is not defined
and test_efi_helloworld_net() fails.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Commit 41e30dcf87 ("cmd: mmc: Make Mode: printout consistent") fixed
the layout of `mmc info` output. Reflect this change in the respective
testcase.
Also fix a typo in the documentation.
Fixes: 41e30dcf87 ("cmd: mmc: Make Mode: printout consistent")
Signed-off-by: Harald Seiler <hws@denx.de>
Acked-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
4dbc107f46 ("cmd: gpio: Correct do_gpio() return value") correctly
changed the behaviour of the gpio command to return CMD_RET_SUCCESS or
CMD_RET_FAILURE, but any existing script which expects the return value
to be the pin value is broken by this change.
Reinstate the legacy behaviour for `gpio input` only.
Fixes: 4dbc107f46 ("cmd: gpio: Correct do_gpio() return value")
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alex Kiernan <alex.kiernan@hivehome.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix warnings issued by pylint:
* naming of variables
* usage of commas and semicolons
* indentation
* placement of module description
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Unit test for 'abootimg' command. Right now it covers dtb/dtbo
functionality in Android Boot Image v2, which was added recently.
Running test:
$ ./test/py/test.py --bd sandbox --build -k test_abootimg
shows that 1/1 tests passes successfully.
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
Convert Android documentation from regular txt format to Sphinx (RST).
Also add Android index.rst file and reference it in root index.rst, so
that Android documentation is visible.
Test:
$ make htmldocs
$ xdg-open doc/output/index.html
Signed-off-by: Sam Protsenko <joe.skb7@gmail.com>
Signed-off-by: Lokesh Vutla <lokeshvutla@ti.com>
The device tree compiler expects that a node with a unit-address has a reg
property.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Extend test suite to cover also automatic octal/hex converstions which
haven't been implemented in past.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
This test verifies the implementation of the 'bootm' extension that
handles UEFI binaries inside FIT images (enabled via CONFIG_BOOTM_EFI).
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Consider the following test sample:
@pytest.mark.buildconfigspec('fit')
@pytest.mark.notbuildconfigspec('generate_acpi_table')
def test_sample(u_boot_console):
Whatever the argument of the 'notbuildconfigspec' is,
the test ends up being skipped with the message:
('/uboot/test/py/conftest.py', 463,
'Skipped: .config feature "fit" enabled')
Signed-off-by: Cristian Ciocaltea <cristian.ciocaltea@gmail.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Bring in the following merges:
commit 8fbbec12f7
Merge: 87f69f467a63618e71e8
Author: Tom Rini <trini@konsulko.com>
Date: Fri Jan 3 09:48:47 2020 -0500
Merge https://gitlab.denx.de/u-boot/custodians/u-boot-fsl-qoriq into next
- updates and fixes on ls1028a, lx2, ls1046a, MC-DPSPARSER support
commit 87f69f467a
Merge: c0912f9bbf4466b99703
Author: Tom Rini <trini@konsulko.com>
Date: Tue Dec 24 08:18:19 2019 -0500
Merge https://gitlab.denx.de/u-boot/custodians/u-boot-mpc85xx into next
- Enable DM driver on ppc/km boards
- Enable DM_USB for some of NXP powerpc platforms: P5040, T4240, T208x,
T104x, P4080, P2041, P2020, P1020, P3041
- Some updates in mpc85xx-ddr driver, km boards
commit c0912f9bbf
Merge: 533c9f5714a1d6dc3f84
Author: Tom Rini <trini@konsulko.com>
Date: Wed Dec 18 07:20:19 2019 -0500
Merge branch 'next' of https://gitlab.denx.de/u-boot/custodians/u-boot-x86 into next
- Various x86 common codes updated for TPL/SPL
- I2C designware driver updated for PCI
- ICH SPI driver updated to support Apollo Lake
- Add Intel FSP2 base support
- Intel Apollo Lake platform specific drivers support
- Add a new board Google Chromebook Coral
commit 533c9f5714
Merge: 553cb06887033e18b47b
Author: Tom Rini <trini@konsulko.com>
Date: Tue Dec 17 07:53:08 2019 -0500
Merge tag '20191217-for-next' of https://gitlab.denx.de/u-boot/custodians/u-boot-i2c into next
i2c: for next
- misc: i2c_eeprom:
Add partition support and add ability to query size
of eeprom device and partitions
- i2c common:
add support for offset overflow in to address and add
sandbox tests for it.
commit 553cb06887
Merge: f39abbbc53b4f98b3b16
Author: Tom Rini <trini@konsulko.com>
Date: Thu Dec 12 08:18:59 2019 -0500
Merge tag 'dm-next-13dec19' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm into next
buildman improvements including toolchain environment feature
sandbox unicode support in serial
get_env() was originally written to strip() the output of printenv to
isolate the test from any whitespace changes in printenv's output.
However, this throws away any whitespace in the variable value, which can
cause issues when test code expects to see that whitespace. In fact,
printenv never adds any whitespace at all, so there's no need to strip.
The strip causes a practical problem for test_env_echo_exists() if
state_test_env.get_existent_var() happens to choose a U-Boot variable that
contains trailing whitespace. This is true for variable boot_targets.
With Python 2, get_existent_var() never returned boot_targets so this
issue never caused a practical problem.
With Python 3, get_existent_var does sometimes return boot_targets, no
doubt due to Python 3's different dict hash key order implementation,
about 0.5-2% of the time, so this test appears intermittent. With the
strip removed, this intermittency is solved, since the test passes for all
possible U-Boot variables.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Buildman doesn't store this file in the same directory as a normal build.
Update the conftest code to handle both cases.
Change-Id: I1fd0e56054d7dc77394a7589336aa0991bd0133d
Signed-off-by: Simon Glass <sjg@chromium.org>
# This is actually a resent patch of
# [1] https://lists.denx.de/pipermail/u-boot/2019-May/369170.html
Two test cases are added under test_fs_ext:
test case 10: for root directory
test case 11: for non-root directory
Those will verify a behavior fixed by the commits related to
root directory
("fs: fat: allocate a new cluster for root directory of fat32" and
"fs: fat: flush a directory cluster properly"), and focus on
handling long-file-name directory entries under a directory.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
We have two further uses of raw string usage in the test/py codebase
that are used under CI. The first of which is under the bind test and
is a direct update. The second of which is to strip VT100 codes from
the match buffer. While switching this to a raw string is also a direct
update, the comment it notes that problems were encountered on Ubuntu
14.04 (and whatever Python 2 version that was) that required slight
tweaks to the regex. Replace that now that we're saying Python 3.5 is
the minimum.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
To be more closely aligned with Python community best practices, we need
to better document our usage of pip and make use of a requirements.txt
file that shows the versions of the tools that we are using. This will
aide in ensuring reproducibility of our tests as well.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Now that we have moved to being based on pytest for python3 we need to
make our test.py wrapper more robust in terms of only calling python3
rather than possibly finding and using python2. To do this, change from
execvp()'ing pytest to invoking the package itself via python. In the
event that pytest is unavailable we still get a user-friendly error:
pkg_resources.DistributionNotFound: The 'pytest' distribution was not found and is required by the application
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
The check_output function from the subprocess Python module by default
returns data as encoded bytes and leaves decoding to the application.
Given our uses of the call, it makes the most sense to immediately
decode the results.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
- In python 3 you must use raw strings for regex as other forms are
deprecated and would require further changes to the pattern here.
In one case this lets us have a simpler match pattern.
- As strings are now Unicode our complex tests (Euro symbol,
SHIFT+ALT+FN 5) we need to declare that as a bytes string and then
decode it for use.
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
In the case of some unit tests we are working with providing a fake
flash device that we have written some text strings in to. In this case
we want to tell Python to encode things to bytes for us.
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
- Modern pytest is more visible in telling us about parameters that we
had not described, so describe a few more.
- ConfigParser.readfp(...) is now configparser.read_file(...)
- As part of the "strings vs bytes" conversions in Python 3, we use the
default encoding/decoding of utf-8 but in some places tell Python to
replace problematic conversions rather than throw a fatal error.
- Fix a typo noticed while doing the above ("tot he" -> "to the").
- As suggested by Stephen, re-alphabetize the import list
- Per Heinrich, replace how we write contents in test_fit.py
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Use the 2to3 tool to perform numerous automatic conversions from Python
2 syntax to Python 3. Also fix whitespace problems that Python 3
catches that Python 2 did not.
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
Fix the following spit from pytest:
u-boot/test/py/conftest.py:438: RemovedInPytest4Warning: MarkInfo objects are deprecated as they contain merged marks which are hard to deal with correctly.
Please use node.get_closest_marker(name) or node.iter_markers(name).
Docs: https://docs.pytest.org/en/latest/mark.html#updating-code
for board in mark.args:
In both cases, the later suggestion is applicable.
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Igor Opaniuk <igor.opaniuk@gmail.com>
[trini: Update for current file with a few more cases, un-pin pytest in CI]
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Tested-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
We inconsistently note multiple dependencies today in our tests,
sometimes with a single line that declares multiple and sometimes
multiple single lines. Current pytest seems to fail on the single line
format so change to multiple declarations.
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Simon Glass <sjg@chromium.org> [on sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
At present the 'Index' column of 'dm tree' assumes there is
two digits, this patch increase it to 3 digits.
It also aligns output of 'dm uclass', assuming the same 3 digits index.
The boards with CONFIG_PINCTRL_FULL activated have one pinconfig
by pin configuration, so they can have more than 100 devices
pinconfig (for example with stm32mp157c-ev1 board we have
106 pinconfig node).
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit add a test in the vboot test to check that
when a required key is asked, only FIT signed with this
key is used/accepted by u-boot.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Based on discussion with Stephen Warren there was recommendation to list
both memory and random command dependencies just in case that dependency is
not properly handled by Kconfig.
Fixes: a09c1f7e1c ("test/py: Fix MMC/SD block write test dependency")
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Acked-by: Stephen Warren <swarren@nvidia.com>
Test is using random command which has own Kconfig symbol CMD_RANDOM which
already depends on CMD_MEMORY. That's why replace cmd_memory by cmd_random.
Fixes: 09da18deab ("test/py: add MMC/SD block write test")
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
The Linux ramdisk should always be decompressed by the kernel itself,
not by U-Boot. Therefore, the 'compression' node in the FIT image should
always be set to "none" for ramdisk images, since the only point of
using that node is if you want U-Boot to do the decompression itself.
Yet some systems populate the node to the compression algorithm used by
the kernel instead. This used to be ignored, but now that we support
decompression of all image types it becomes a problem. Since ramdisks
should never be decompressed by U-Boot anyway, this patch adds a special
exception for them to avoid these issues. Still, setting the
'compression' node like that is wrong in the first place, so we still
want to print out a warning so that third-party distributions doing this
can notice and fix it.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
Tested-by: Heiko Schocher <hs@denx.de>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Add a standalone MMC block write test. This allows direct testing of MMC
access rather than relying on doing so as a side-effect of e.g. DFU or
UMS testing, which may not be enabled on all platforms.
Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
