예제 #1
0
    def __init__(self, u_boot_console):
        """Initialize a new GptTestDiskImage object.

        Args:
            u_boot_console: A U-Boot console.

        Returns:
            Nothing.
        """

        filename = 'test_gpt_disk_image.bin'

        persistent = u_boot_console.config.persistent_data_dir + '/' + filename
        self.path = u_boot_console.config.result_dir  + '/' + filename

        if os.path.exists(persistent):
            u_boot_console.log.action('Disk image file ' + persistent +
                ' already exists')
        else:
            u_boot_console.log.action('Generating ' + persistent)
            fd = os.open(persistent, os.O_RDWR | os.O_CREAT)
            os.ftruncate(fd, 4194304)
            os.close(fd)
            cmd = ('sgdisk', '-U', '375a56f7-d6c9-4e81-b5f0-09d41ca89efe',
                persistent)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '--new=1:2048:2560', '-c 1:part1', persistent)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '--new=2:4096:4608', '-c 2:part2', persistent)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '-l', persistent)
            u_boot_utils.run_and_log(u_boot_console, cmd)

        cmd = ('cp', persistent, self.path)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #2
0
    def make_dtb(fdt_type, comp):
        """Create a sample DTB file.

        Creates a DTS file and compiles it to a DTB.

        Args:
            fdt_type: The type of the FDT, i.e. internal, user.
            comp: Flag to enable gzip compression.
        Return:
            The path of the created file.
        """

        # Generate resources referenced by FDT.
        fdt_params = {
            'sys-arch': sys_arch,
            'fdt_type': fdt_type,
        }

        # Generate a test FDT file.
        dts = make_fpath('test-efi-fit-%s.dts' % fdt_type)
        with open(dts, 'w') as file:
            file.write(FDT_DATA % fdt_params)

        # Build the test FDT.
        dtb = make_fpath('test-efi-fit-%s.dtb' % fdt_type)
        util.run_and_log(cons,
                         ['dtc', '-I', 'dts', '-O', 'dtb', '-o', dtb, dts])
        if comp:
            util.run_and_log(cons, ['gzip', '-f', dtb])
            dtb += '.gz'
        return dtb
예제 #3
0
    def test_with_algo(sha_algo):
        """Test verified boot with the given hash algorithm.

        This is the main part of the test code. The same procedure is followed
        for both hashing algorithms.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        # Build the FIT, but don't sign anything yet
        cons.log.action('%s: Test FIT with signed images' % sha_algo)
        make_fit('sign-images-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned images', 'dev-', True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed images', 'dev+', True)

        # Create a fresh .dtb without the public keys
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
        make_fit('sign-configs-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed config', 'dev+', True)

        cons.log.action('%s: Check signed config on the host' % sha_algo)

        util.run_and_log(cons,
                         [fit_check_sign, '-f', fit, '-k', tmpdir, '-k', dtb])

        # Increment the first byte of the signature, which should cause failure
        sig = util.run_and_log(cons,
                               'fdtget -t bx %s %s value' % (fit, sig_node))
        byte_list = sig.split()
        byte = int(byte_list[0], 16)
        byte_list[0] = '%x' % (byte + 1)
        sig = ' '.join(byte_list)
        util.run_and_log(cons,
                         'fdtput -t bx %s %s value %s' % (fit, sig_node, sig))

        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash',
                  False)

        cons.log.action('%s: Check bad config on the host' % sha_algo)
        util.run_and_log_expect_exception(
            cons, [fit_check_sign, '-f', fit, '-k', dtb], 1,
            'Failed to verify required signature')
예제 #4
0
    def sign_fit():
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.
        """
        cons.log.action('%s: Sign images' % algo)
        util.run_and_log(cons,
                         [mkimage, '-F', '-k', tmpdir, '-K', dtb, '-r', fit])
예제 #5
0
    def sign_fit():
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.
        """
        cons.log.action('%s: Sign images' % algo)
        util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
                                '-r', fit])
예제 #6
0
    def test_with_algo(sha_algo):
        """Test verified boot with the given hash algorithm.

        This is the main part of the test code. The same procedure is followed
        for both hashing algorithms.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        # Build the FIT, but don't sign anything yet
        cons.log.action('%s: Test FIT with signed images' % sha_algo)
        make_fit('sign-images-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned images', 'dev-', True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed images', 'dev+', True)

        # Create a fresh .dtb without the public keys
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
        make_fit('sign-configs-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed config', 'dev+', True)

        cons.log.action('%s: Check signed config on the host' % sha_algo)

        util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir,
                                '-k', dtb])

        # Increment the first byte of the signature, which should cause failure
        sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' %
                               (fit, sig_node))
        byte_list = sig.split()
        byte = int(byte_list[0], 16)
        byte_list[0] = '%x' % (byte + 1)
        sig = ' '.join(byte_list)
        util.run_and_log(cons, 'fdtput -t bx %s %s value %s' %
                         (fit, sig_node, sig))

        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)

        cons.log.action('%s: Check bad config on the host' % sha_algo)
        util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,
                '-k', dtb], 1, 'Failed to verify required signature')
예제 #7
0
    def make_fit(its):
        """Make a new FIT from the .its source file

        This runs 'mkimage -f' to create a new FIT.

        Args:
            its: Filename containing .its source
        """
        util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
                                '%s%s' % (datadir, its), fit])
예제 #8
0
    def make_fit(its):
        """Make a new FIT from the .its source file.

        This runs 'mkimage -f' to create a new FIT.

        Args:
            its: Filename containing .its source.
        """
        util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
                                '%s%s' % (datadir, its), fit])
예제 #9
0
파일: test_env.py 프로젝트: tmn505/u-boot
def mk_env_ext4(state_test_env):
    """Create a empty ext4 file system volume."""
    c = state_test_env.u_boot_console
    filename = 'env.ext4.img'
    persistent = c.config.persistent_data_dir + '/' + filename
    fs_img = c.config.result_dir + '/' + filename

    if os.path.exists(persistent):
        c.log.action('Disk image file ' + persistent + ' already exists')
    else:
        # Some distributions do not add /sbin to the default PATH, where mkfs.ext4 lives
        os.environ["PATH"] += os.pathsep + '/sbin'
        try:
            u_boot_utils.run_and_log(
                c, 'dd if=/dev/zero of=%s bs=1M count=16' % persistent)
            u_boot_utils.run_and_log(c, 'mkfs.ext4 %s' % persistent)
            sb_content = u_boot_utils.run_and_log(c,
                                                  'tune2fs -l %s' % persistent)
            if 'metadata_csum' in sb_content:
                u_boot_utils.run_and_log(
                    c, 'tune2fs -O ^metadata_csum %s' % persistent)
        except CalledProcessError:
            call('rm -f %s' % persistent, shell=True)
            raise

    u_boot_utils.run_and_log(c, ['cp', '-f', persistent, fs_img])
    return fs_img
예제 #10
0
    def dtc(dts):
        """Run the device tree compiler to compile a .dts file

        The output file will be the same as the input file but with a .dtb
        extension.

        Args:
            dts: Device tree file to compile.
        """
        dtb = dts.replace('.dts', '.dtb')
        util.run_and_log(cons, 'dtc %s %s%s -O dtb '
                         '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))
예제 #11
0
    def dtc(dts):
        """Run the device tree compiler to compile a .dts file

        The output file will be the same as the input file but with a .dtb
        extension.

        Args:
            dts: Device tree file to compile.
        """
        dtb = dts.replace('.dts', '.dtb')
        util.run_and_log(cons, 'dtc %s %s%s -O dtb '
                         '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))
예제 #12
0
    def make_dtb():
        """Make a sample .dts file and compile it to a .dtb

        Returns:
            Filename of .dtb file created
        """
        src = make_fname('u-boot.dts')
        dtb = make_fname('u-boot.dtb')
        with open(src, 'w') as fd:
            print >> fd, base_fdt
        util.run_and_log(cons, ['dtc', src, '-O', 'dtb', '-o', dtb])
        return dtb
예제 #13
0
    def sign_fit_norequire(sha_algo):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb, fit])
예제 #14
0
    def sign_fit(sha_algo):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
                                '-r', fit])
예제 #15
0
    def mount():
        """Mount the block device that U-Boot exports.

        Args:
            None.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Mounting exported UMS device')
        cmd = ('/bin/mount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #16
0
파일: test_ums.py 프로젝트: Noltari/u-boot
    def mount():
        """Mount the block device that U-Boot exports.

        Args:
            None.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Mounting exported UMS device')
        cmd = ('/bin/mount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #17
0
    def __init__(self, u_boot_console):
        """Initialize a new GptTestDiskImage object.

        Args:
            u_boot_console: A U-Boot console.

        Returns:
            Nothing.
        """

        filename = 'test_gpt_disk_image.bin'
        self.path = u_boot_console.config.persistent_data_dir + '/' + filename

        if os.path.exists(self.path):
            u_boot_console.log.action('Disk image file ' + self.path +
                                      ' already exists')
        else:
            u_boot_console.log.action('Generating ' + self.path)
            fd = os.open(self.path, os.O_RDWR | os.O_CREAT)
            os.ftruncate(fd, 4194304)
            os.close(fd)
            cmd = ('sgdisk', '-U', '375a56f7-d6c9-4e81-b5f0-09d41ca89efe',
                   self.path)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '--new=1:2048:2560', self.path)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '--new=2:4096:4608', self.path)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            cmd = ('sgdisk', '-l', self.path)
            u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #18
0
    def __init__(self, u_boot_console):
        """Initialize a new ABTestDiskImage object.

        Args:
            u_boot_console: A U-Boot console.

        Returns:
            Nothing.
        """

        filename = 'test_ab_disk_image.bin'

        persistent = u_boot_console.config.persistent_data_dir + '/' + filename
        self.path = u_boot_console.config.result_dir  + '/' + filename

        with u_boot_utils.persistent_file_helper(u_boot_console.log, persistent):
            if os.path.exists(persistent):
                u_boot_console.log.action('Disk image file ' + persistent +
                    ' already exists')
            else:
                u_boot_console.log.action('Generating ' + persistent)
                fd = os.open(persistent, os.O_RDWR | os.O_CREAT)
                os.ftruncate(fd, 524288)
                os.close(fd)
                cmd = ('sgdisk', persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)

                cmd = ('sgdisk', '--new=1:64:512', '--change-name=1:misc',
                    persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)
                cmd = ('sgdisk', '--load-backup=' + persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)

        cmd = ('cp', persistent, self.path)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #19
0
파일: test_vboot.py 프로젝트: tmn505/u-boot
    def run_binman(dtb):
        """Run binman to build an image

        Args:
            dtb: Device tree file used as input file.
        """
        pythonpath = os.environ.get('PYTHONPATH', '')
        os.environ[
            'PYTHONPATH'] = pythonpath + ':' + '%s/../scripts/dtc/pylibfdt' % tmpdir
        util.run_and_log(cons, [
            binman, 'build', '-d',
            "%s/%s" % (tmpdir, dtb), '-a',
            "pre-load-key-path=%s" % tmpdir, '-O', tmpdir, '-I', tmpdir
        ])
        os.environ['PYTHONPATH'] = pythonpath
예제 #20
0
파일: test_ums.py 프로젝트: Noltari/u-boot
    def umount(ignore_errors):
        """Unmount the block device that U-Boot exports.

        Args:
            ignore_errors: Ignore any errors. This is useful if an error has
                already been detected, and the code is performing best-effort
                cleanup. In this case, we do not want to mask the original
                error by "honoring" any new errors.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Unmounting UMS device')
        cmd = ('/bin/umount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd, ignore_errors)
예제 #21
0
    def create_rsa_pair(name):
        """Generate a new RSA key paid and certificate

        Args:
            name: Name of of the key (e.g. 'dev')
        """
        public_exponent = 65537
        util.run_and_log(
            cons, 'openssl genpkey -algorithm RSA -out %s%s.key '
            '-pkeyopt rsa_keygen_bits:2048 '
            '-pkeyopt rsa_keygen_pubexp:%d' % (tmpdir, name, public_exponent))

        # Create a certificate containing the public key
        util.run_and_log(
            cons, 'openssl req -batch -new -x509 -key %s%s.key '
            '-out %s%s.crt' % (tmpdir, name, tmpdir, name))
예제 #22
0
    def sign_fit_norequire(sha_algo, options):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb. It does not mark key as 'required' in dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
            options: Options to provide to mkimage.
        """
        args = [mkimage, '-F', '-k', tmpdir, '-K', dtb, fit]
        if options:
            args += options.split(' ')
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons, args)
예제 #23
0
    def umount(ignore_errors):
        """Unmount the block device that U-Boot exports.

        Args:
            ignore_errors: Ignore any errors. This is useful if an error has
                already been detected, and the code is performing best-effort
                cleanup. In this case, we do not want to mask the original
                error by "honoring" any new errors.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Unmounting UMS device')
        cmd = ('/bin/umount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd, ignore_errors)
예제 #24
0
    def __fdt_get_sexadecimal(self, node, prop):
        numbers = util.run_and_log(self.cons,
                                   f'fdtget -tbx {self.fit} {node} {prop}')

        sexadecimal = ''
        for num in numbers.rstrip('\n').split(' '):
            sexadecimal += num.zfill(2)
        return sexadecimal
예제 #25
0
def test_event_dump(u_boot_console):
    """Test that the "help" command can be executed."""
    cons = u_boot_console
    sandbox = cons.config.build_dir + '/u-boot'
    out = util.run_and_log(cons, ['scripts/event_dump.py', sandbox])
    expect = '''.*Event type            Id                              Source location
--------------------  ------------------------------  ------------------------------
EVT_MISC_INIT_F       sandbox_misc_init_f             .*arch/sandbox/cpu/start.c:'''
    assert re.match(expect, out, re.MULTILINE) is not None
예제 #26
0
    def make_fit(mkimage, params):
        """Make a sample .fit file ready for loading

        This creates a .its script with the selected parameters and uses mkimage to
        turn this into a .fit image.

        Args:
            mkimage: Filename of 'mkimage' utility
            params: Dictionary containing parameters to embed in the %() strings
        Return:
            Filename of .fit file created
        """
        fit = make_fname('test.fit')
        its = make_its(params)
        util.run_and_log(cons, [mkimage, '-f', its, fit])
        with open(make_fname('u-boot.dts'), 'w') as fd:
            print >> fd, base_fdt
        return fit
예제 #27
0
    def __fdt_get_binary(self, node, prop):
        numbers = util.run_and_log(self.cons,
                                   f'fdtget -tbi {self.fit} {node} {prop}')

        bignum = bytearray()
        for little_num in numbers.split():
            bignum.append(int(little_num))

        return bignum
예제 #28
0
    def run_dfu_util(alt_setting, fn, up_dn_load_arg):
        """Invoke dfu-util on the host.

        Args:
            alt_setting: The DFU "alternate setting" identifier to interact
                with.
            fn: The host-side file name to transfer.
            up_dn_load_arg: '-U' or '-D' depending on whether a DFU upload or
                download operation should be performed.

        Returns:
            Nothing.
        """

        cmd = ['dfu-util', '-a', alt_setting, up_dn_load_arg, fn]
        if 'host_usb_port_path' in env__usb_dev_port:
            cmd += ['-p', env__usb_dev_port['host_usb_port_path']]
        u_boot_utils.run_and_log(u_boot_console, cmd)
        u_boot_console.wait_for('Ctrl+C to exit ...')
    def run_dfu_util(alt_setting, fn, up_dn_load_arg):
        """Invoke dfu-util on the host.

        Args:
            alt_setting: The DFU "alternate setting" identifier to interact
                with.
            fn: The host-side file name to transfer.
            up_dn_load_arg: '-U' or '-D' depending on whether a DFU upload or
                download operation should be performed.

        Returns:
            Nothing.
        """

        cmd = ['dfu-util', '-a', str(alt_setting), up_dn_load_arg, fn]
        if 'host_usb_port_path' in env__usb_dev_port:
            cmd += ['-p', env__usb_dev_port['host_usb_port_path']]
        u_boot_utils.run_and_log(u_boot_console, cmd)
        u_boot_console.wait_for('Ctrl+C to exit ...')
예제 #30
0
    def __init__(self, u_boot_console):
        """Initialize a new GptTestDiskImage object.

        Args:
            u_boot_console: A U-Boot console.

        Returns:
            Nothing.
        """

        filename = 'test_gpt_disk_image.bin'

        persistent = u_boot_console.config.persistent_data_dir + '/' + filename
        self.path = u_boot_console.config.result_dir + '/' + filename

        with u_boot_utils.persistent_file_helper(u_boot_console.log,
                                                 persistent):
            if os.path.exists(persistent):
                u_boot_console.log.action('Disk image file ' + persistent +
                                          ' already exists')
            else:
                u_boot_console.log.action('Generating ' + persistent)
                fd = os.open(persistent, os.O_RDWR | os.O_CREAT)
                os.ftruncate(fd, 4194304)
                os.close(fd)
                cmd = ('sgdisk',
                       '--disk-guid=375a56f7-d6c9-4e81-b5f0-09d41ca89efe',
                       persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)
                # part1 offset 1MB size 1MB
                cmd = ('sgdisk', '--new=1:2048:4095', '--change-name=1:part1',
                       persistent)
                # part2 offset 2MB size 1.5MB
                u_boot_utils.run_and_log(u_boot_console, cmd)
                cmd = ('sgdisk', '--new=2:4096:7167', '--change-name=2:part2',
                       persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)
                cmd = ('sgdisk', '--load-backup=' + persistent)
                u_boot_utils.run_and_log(u_boot_console, cmd)

        cmd = ('cp', persistent, self.path)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #31
0
    def make_efi(fname, comp):
        """Create an UEFI binary.

        This simply copies lib/efi_loader/helloworld.efi into U-Boot
        build dir and, optionally, compresses the file using gzip.

        Args:
            fname: The target file name within U-Boot build dir.
            comp: Flag to enable gzip compression.
        Return:
            The path of the created file.
        """

        bin_path = make_fpath(fname)
        util.run_and_log(cons,
                ['cp', make_fpath('lib/efi_loader/helloworld.efi'), bin_path])
        if comp:
            util.run_and_log(cons, ['gzip', '-f', bin_path])
            bin_path += '.gz'
        return bin_path
예제 #32
0
    def make_fit(comp):
        """Create a sample FIT image.

        Runs 'mkimage' to create a FIT image within U-Boot build dir.
        Args:
            comp -- Enable gzip compression for the EFI binary and FDT blob.
        Return:
            The path of the created file.
        """

        # Generate resources referenced by ITS.
        its_params = {
            'sys-arch':
            sys_arch,
            'efi-bin':
            os.path.basename(make_efi('test-efi-fit-helloworld.efi', comp)),
            'kernel-type':
            'kernel' if comp else 'kernel_noload',
            'efi-comp':
            'gzip' if comp else 'none',
            'fdt-bin':
            os.path.basename(make_dtb('user', comp)),
            'fdt-comp':
            'gzip' if comp else 'none',
        }

        # Generate a test ITS file.
        its_path = make_fpath('test-efi-fit-helloworld.its')
        with open(its_path, 'w', encoding='ascii') as file:
            file.write(ITS_DATA % its_params)

        # Build the test ITS.
        fit_path = make_fpath('test-efi-fit-helloworld.fit')
        util.run_and_log(
            cons, [make_fpath('tools/mkimage'), '-f', its_path, fit_path])
        return fit_path
예제 #33
0
def test_spl_devicetree(u_boot_console):
    """Test content of spl device-tree"""
    cons = u_boot_console
    dtb = cons.config.build_dir + '/spl/u-boot-spl.dtb'
    fdtgrep = cons.config.build_dir + '/tools/fdtgrep'
    output = util.run_and_log(cons, [fdtgrep, '-l', dtb])

    assert "u-boot,dm-pre-reloc" not in output
    assert "u-boot,dm-pre-proper" not in output
    assert "u-boot,dm-spl" not in output
    assert "u-boot,dm-tpl" not in output

    assert "spl-test5" not in output
    assert "spl-test6" not in output
    assert "spl-test7" in output
예제 #34
0
    def check_script(intext, expect_val):
        """Check a test case

        Args:
            intext: Text to pass to the script
            expect_val: Expected value of the CONFIG_EXTRA_ENV_TEXT string, or
                None if we expect it not to be defined
        """
        with tempfile.TemporaryDirectory() as path:
            fname = os.path.join(path, 'infile')
            with open(fname, 'w') as inf:
                print(intext, file=inf)
            result = u_boot_utils.run_and_log(cons, ['awk', '-f', script, fname])
            if expect_val is not None:
                expect = '#define CONFIG_EXTRA_ENV_TEXT "%s"\n' % expect_val
                assert result == expect
            else:
                assert result == ''
예제 #35
0
def mk_env_ext4(state_test_env):
    """Create a empty ext4 file system volume."""
    c = state_test_env.u_boot_console
    filename = 'env.ext4.img'
    persistent = c.config.persistent_data_dir + '/' + filename
    fs_img = c.config.result_dir + '/' + filename

    if os.path.exists(persistent):
        c.log.action('Disk image file ' + persistent + ' already exists')
    else:
        try:
            u_boot_utils.run_and_log(
                c, 'dd if=/dev/zero of=%s bs=1M count=16' % persistent)
            u_boot_utils.run_and_log(
                c, 'mkfs.ext4 -O ^metadata_csum %s' % persistent)
        except CalledProcessError:
            call('rm -f %s' % persistent, shell=True)
            raise

    u_boot_utils.run_and_log(c, ['cp', '-f', persistent, fs_img])
    return fs_img
예제 #36
0
    def __init__(self, u_boot_console):
        """Initialize a new AbootimgDiskImage object.

        Args:
            u_boot_console: A U-Boot console.

        Returns:
            Nothing.
        """

        gz_hex = u_boot_console.config.persistent_data_dir + '/boot.img.gz.hex'
        gz = u_boot_console.config.persistent_data_dir + '/boot.img.gz'

        filename = 'boot.img'
        persistent = u_boot_console.config.persistent_data_dir + '/' + filename
        self.path = u_boot_console.config.result_dir + '/' + filename

        with u_boot_utils.persistent_file_helper(u_boot_console.log,
                                                 persistent):
            if os.path.exists(persistent):
                u_boot_console.log.action('Disk image file ' + persistent +
                                          ' already exists')
            else:
                u_boot_console.log.action('Generating ' + persistent)

                f = open(gz_hex, "w")
                f.write(img_hex)
                f.close()

                cmd = ('xxd', '-r', '-p', gz_hex, gz)
                u_boot_utils.run_and_log(u_boot_console, cmd)

                cmd = ('gunzip', '-9', gz)
                u_boot_utils.run_and_log(u_boot_console, cmd)

        cmd = ('cp', persistent, self.path)
        u_boot_utils.run_and_log(u_boot_console, cmd)
예제 #37
0
def test_vboot(u_boot_console):
    """Test verified boot signing with mkimage and verification with 'bootm'.

    This works using sandbox only as it needs to update the device tree used
    by U-Boot to hold public keys from the signing process.

    The SHA1 and SHA256 tests are combined into a single test since the
    key-generation process is quite slow and we want to avoid doing it twice.
    """
    def dtc(dts):
        """Run the device tree compiler to compile a .dts file

        The output file will be the same as the input file but with a .dtb
        extension.

        Args:
            dts: Device tree file to compile.
        """
        dtb = dts.replace('.dts', '.dtb')
        util.run_and_log(
            cons, 'dtc %s %s%s -O dtb '
            '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))

    def run_bootm(sha_algo, test_type, expect_string, boots):
        """Run a 'bootm' command U-Boot.

        This always starts a fresh U-Boot instance since the device tree may
        contain a new public key.

        Args:
            test_type: A string identifying the test type.
            expect_string: A string which is expected in the output.
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
            boots: A boolean that is True if Linux should boot and False if
                    we are expected to not boot
        """
        cons.restart_uboot()
        with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
            output = cons.run_command_list([
                'sb load hostfs - 100 %stest.fit' % tmpdir, 'fdt addr 100',
                'bootm 100'
            ])
        assert (expect_string in ''.join(output))
        if boots:
            assert ('sandbox: continuing, as we cannot run' in ''.join(output))

    def make_fit(its):
        """Make a new FIT from the .its source file.

        This runs 'mkimage -f' to create a new FIT.

        Args:
            its: Filename containing .its source.
        """
        util.run_and_log(
            cons,
            [mkimage, '-D', dtc_args, '-f',
             '%s%s' % (datadir, its), fit])

    def sign_fit(sha_algo):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons,
                         [mkimage, '-F', '-k', tmpdir, '-K', dtb, '-r', fit])

    def test_with_algo(sha_algo):
        """Test verified boot with the given hash algorithm.

        This is the main part of the test code. The same procedure is followed
        for both hashing algorithms.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        # Build the FIT, but don't sign anything yet
        cons.log.action('%s: Test FIT with signed images' % sha_algo)
        make_fit('sign-images-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned images', 'dev-', True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed images', 'dev+', True)

        # Create a fresh .dtb without the public keys
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
        make_fit('sign-configs-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed config', 'dev+', True)

        cons.log.action('%s: Check signed config on the host' % sha_algo)

        util.run_and_log(cons,
                         [fit_check_sign, '-f', fit, '-k', tmpdir, '-k', dtb])

        # Increment the first byte of the signature, which should cause failure
        sig = util.run_and_log(cons,
                               'fdtget -t bx %s %s value' % (fit, sig_node))
        byte_list = sig.split()
        byte = int(byte_list[0], 16)
        byte_list[0] = '%x' % (byte + 1)
        sig = ' '.join(byte_list)
        util.run_and_log(cons,
                         'fdtput -t bx %s %s value %s' % (fit, sig_node, sig))

        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash',
                  False)

        cons.log.action('%s: Check bad config on the host' % sha_algo)
        util.run_and_log_expect_exception(
            cons, [fit_check_sign, '-f', fit, '-k', dtb], 1,
            'Failed to verify required signature')

    cons = u_boot_console
    tmpdir = cons.config.result_dir + '/'
    tmp = tmpdir + 'vboot.tmp'
    datadir = cons.config.source_dir + '/test/py/tests/vboot/'
    fit = '%stest.fit' % tmpdir
    mkimage = cons.config.build_dir + '/tools/mkimage'
    fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
    dtc_args = '-I dts -O dtb -i %s' % tmpdir
    dtb = '%ssandbox-u-boot.dtb' % tmpdir
    sig_node = '/configurations/conf@1/signature@1'

    # Create an RSA key pair
    public_exponent = 65537
    util.run_and_log(
        cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
        '-pkeyopt rsa_keygen_bits:2048 '
        '-pkeyopt rsa_keygen_pubexp:%d '
        '2>/dev/null' % (tmpdir, public_exponent))

    # Create a certificate containing the public key
    util.run_and_log(
        cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
        '%sdev.crt' % (tmpdir, tmpdir))

    # Create a number kernel image with zeroes
    with open('%stest-kernel.bin' % tmpdir, 'w') as fd:
        fd.write(5000 * chr(0))

    try:
        # We need to use our own device tree file. Remember to restore it
        # afterwards.
        old_dtb = cons.config.dtb
        cons.config.dtb = dtb
        test_with_algo('sha1')
        test_with_algo('sha256')
    finally:
        # Go back to the original U-Boot with the correct dtb.
        cons.config.dtb = old_dtb
        cons.restart_uboot()
예제 #38
0
    def test_required_key(sha_algo, padding, sign_options):
        """Test verified boot with the given hash algorithm.

        This function tests if U-Boot rejects an image when a required key isn't
        used to sign a FIT.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to use
            padding: Either '' or '-pss', to select the padding to use for the
                    rsa signature algorithm.
            sign_options: Options to mkimage when signing a fit image.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with configs images' % sha_algo)

        # Build the FIT with prod key (keys required) and sign it. This puts the
        # signature into sandbox-u-boot.dtb, marked 'required'
        make_fit('sign-configs-%s%s-prod.its' % (sha_algo, padding))
        sign_fit(sha_algo, sign_options)

        # Build the FIT with dev key (keys NOT required). This adds the
        # signature into sandbox-u-boot.dtb, NOT marked 'required'.
        make_fit('sign-configs-%s%s.its' % (sha_algo, padding))
        sign_fit_norequire(sha_algo, sign_options)

        # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.
        # Only the prod key is set as 'required'. But FIT we just built has
        # a dev signature only (sign_fit_norequire() overwrites the FIT).
        # Try to boot the FIT with dev key. This FIT should not be accepted by
        # U-Boot because the prod key is required.
        run_bootm(sha_algo, 'required key', '', False)

        # Build the FIT with dev key (keys required) and sign it. This puts the
        # signature into sandbox-u-boot.dtb, marked 'required'.
        make_fit('sign-configs-%s%s.its' % (sha_algo, padding))
        sign_fit(sha_algo, sign_options)

        # Set the required-mode policy to "any".
        # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.
        # Both the dev and prod key are set as 'required'. But FIT we just built has
        # a dev signature only (sign_fit() overwrites the FIT).
        # Try to boot the FIT with dev key. This FIT should be accepted by
        # U-Boot because the dev key is required and policy is "any" required key.
        util.run_and_log(cons,
                         'fdtput -t s %s /signature required-mode any' % (dtb))
        run_bootm(sha_algo, 'multi required key', 'dev+', True)

        # Set the required-mode policy to "all".
        # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.
        # Both the dev and prod key are set as 'required'. But FIT we just built has
        # a dev signature only (sign_fit() overwrites the FIT).
        # Try to boot the FIT with dev key. This FIT should not be accepted by
        # U-Boot because the prod key is required and policy is "all" required key
        util.run_and_log(cons,
                         'fdtput -t s %s /signature required-mode all' % (dtb))
        run_bootm(sha_algo, 'multi required key', '', False)
예제 #39
0
파일: test_ums.py 프로젝트: Noltari/u-boot
def test_ums(u_boot_console, env__usb_dev_port, env__block_devs):
    """Test the "ums" command; the host system must be able to enumerate a UMS
    device when "ums" is running, block and optionally file I/O are tested,
    and this device must disappear when "ums" is aborted.

    Args:
        u_boot_console: A U-Boot console connection.
        env__usb_dev_port: The single USB device-mode port specification on
            which to run the test. See the file-level comment above for
            details of the format.
        env__block_devs: The list of block devices that the target U-Boot
            device has attached. See the file-level comment above for details
            of the format.

    Returns:
        Nothing.
    """

    have_writable_fs_partition = 'writable_fs_partition' in env__block_devs[0]
    if not have_writable_fs_partition:
        # If 'writable_fs_subdir' is missing, we'll skip all parts of the
        # testing which mount filesystems.
        u_boot_console.log.warning(
            'boardenv missing "writable_fs_partition"; ' +
            'UMS testing will be limited.')

    tgt_usb_ctlr = env__usb_dev_port['tgt_usb_ctlr']
    host_ums_dev_node = env__usb_dev_port['host_ums_dev_node']

    # We're interested in testing USB device mode on each port, not the cross-
    # product of that with each device. So, just pick the first entry in the
    # device list here. We'll test each block device somewhere else.
    tgt_dev_type = env__block_devs[0]['type']
    tgt_dev_id = env__block_devs[0]['id']
    if have_writable_fs_partition:
        mount_point = u_boot_console.config.env['env__mount_points'][0]
        mount_subdir = env__block_devs[0]['writable_fs_subdir']
        part_num = env__block_devs[0]['writable_fs_partition']
        host_ums_part_node = '%s-part%d' % (host_ums_dev_node, part_num)
    else:
        host_ums_part_node = host_ums_dev_node

    test_f = u_boot_utils.PersistentRandomFile(u_boot_console, 'ums.bin',
        1024 * 1024);
    if have_writable_fs_partition:
        mounted_test_fn = mount_point + '/' + mount_subdir + test_f.fn

    def start_ums():
        """Start U-Boot's ums shell command.

        This also waits for the host-side USB enumeration process to complete.

        Args:
            None.

        Returns:
            Nothing.
        """

        u_boot_console.log.action(
            'Starting long-running U-Boot ums shell command')
        cmd = 'ums %s %s %s' % (tgt_usb_ctlr, tgt_dev_type, tgt_dev_id)
        u_boot_console.run_command(cmd, wait_for_prompt=False)
        u_boot_console.wait_for(re.compile('UMS: LUN.*[\r\n]'))
        fh = u_boot_utils.wait_until_open_succeeds(host_ums_part_node)
        u_boot_console.log.action('Reading raw data from UMS device')
        fh.read(4096)
        fh.close()

    def mount():
        """Mount the block device that U-Boot exports.

        Args:
            None.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Mounting exported UMS device')
        cmd = ('/bin/mount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd)

    def umount(ignore_errors):
        """Unmount the block device that U-Boot exports.

        Args:
            ignore_errors: Ignore any errors. This is useful if an error has
                already been detected, and the code is performing best-effort
                cleanup. In this case, we do not want to mask the original
                error by "honoring" any new errors.

        Returns:
            Nothing.
        """

        u_boot_console.log.action('Unmounting UMS device')
        cmd = ('/bin/umount', host_ums_part_node)
        u_boot_utils.run_and_log(u_boot_console, cmd, ignore_errors)

    def stop_ums(ignore_errors):
        """Stop U-Boot's ums shell command from executing.

        This also waits for the host-side USB de-enumeration process to
        complete.

        Args:
            ignore_errors: Ignore any errors. This is useful if an error has
                already been detected, and the code is performing best-effort
                cleanup. In this case, we do not want to mask the original
                error by "honoring" any new errors.

        Returns:
            Nothing.
        """

        u_boot_console.log.action(
            'Stopping long-running U-Boot ums shell command')
        u_boot_console.ctrlc()
        u_boot_utils.wait_until_file_open_fails(host_ums_part_node,
            ignore_errors)

    ignore_cleanup_errors = True
    try:
        start_ums()
        if not have_writable_fs_partition:
            # Skip filesystem-based testing if not configured
            return
        try:
            mount()
            u_boot_console.log.action('Writing test file via UMS')
            cmd = ('rm', '-f', mounted_test_fn)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            if os.path.exists(mounted_test_fn):
                raise Exception('Could not rm target UMS test file')
            cmd = ('cp', test_f.abs_fn, mounted_test_fn)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            ignore_cleanup_errors = False
        finally:
            umount(ignore_errors=ignore_cleanup_errors)
    finally:
        stop_ums(ignore_errors=ignore_cleanup_errors)

    ignore_cleanup_errors = True
    try:
        start_ums()
        try:
            mount()
            u_boot_console.log.action('Reading test file back via UMS')
            read_back_hash = u_boot_utils.md5sum_file(mounted_test_fn)
            cmd = ('rm', '-f', mounted_test_fn)
            u_boot_utils.run_and_log(u_boot_console, cmd)
            ignore_cleanup_errors = False
        finally:
            umount(ignore_errors=ignore_cleanup_errors)
    finally:
        stop_ums(ignore_errors=ignore_cleanup_errors)

    written_hash = test_f.content_hash
    assert(written_hash == read_back_hash)
예제 #40
0
def test_vboot(u_boot_console):
    """Test verified boot signing with mkimage and verification with 'bootm'.

    This works using sandbox only as it needs to update the device tree used
    by U-Boot to hold public keys from the signing process.

    The SHA1 and SHA256 tests are combined into a single test since the
    key-generation process is quite slow and we want to avoid doing it twice.
    """
    def dtc(dts):
        """Run the device tree compiler to compile a .dts file

        The output file will be the same as the input file but with a .dtb
        extension.

        Args:
            dts: Device tree file to compile.
        """
        dtb = dts.replace('.dts', '.dtb')
        util.run_and_log(cons, 'dtc %s %s%s -O dtb '
                         '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))

    def run_bootm(sha_algo, test_type, expect_string, boots):
        """Run a 'bootm' command U-Boot.

        This always starts a fresh U-Boot instance since the device tree may
        contain a new public key.

        Args:
            test_type: A string identifying the test type.
            expect_string: A string which is expected in the output.
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
            boots: A boolean that is True if Linux should boot and False if
                    we are expected to not boot
        """
        cons.restart_uboot()
        with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
            output = cons.run_command_list(
                ['host load hostfs - 100 %stest.fit' % tmpdir,
                'fdt addr 100',
                'bootm 100'])
        assert(expect_string in ''.join(output))
        if boots:
            assert('sandbox: continuing, as we cannot run' in ''.join(output))

    def make_fit(its):
        """Make a new FIT from the .its source file.

        This runs 'mkimage -f' to create a new FIT.

        Args:
            its: Filename containing .its source.
        """
        util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
                                '%s%s' % (datadir, its), fit])

    def sign_fit(sha_algo):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
                                '-r', fit])

    def replace_fit_totalsize(size):
        """Replace FIT header's totalsize with something greater.

        The totalsize must be less than or equal to FIT_SIGNATURE_MAX_SIZE.
        If the size is greater, the signature verification should return false.

        Args:
            size: The new totalsize of the header

        Returns:
            prev_size: The previous totalsize read from the header
        """
        total_size = 0
        with open(fit, 'r+b') as handle:
            handle.seek(4)
            total_size = handle.read(4)
            handle.seek(4)
            handle.write(struct.pack(">I", size))
        return struct.unpack(">I", total_size)[0]

    def test_with_algo(sha_algo, padding):
        """Test verified boot with the given hash algorithm.

        This is the main part of the test code. The same procedure is followed
        for both hashing algorithms.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        # Build the FIT, but don't sign anything yet
        cons.log.action('%s: Test FIT with signed images' % sha_algo)
        make_fit('sign-images-%s%s.its' % (sha_algo , padding))
        run_bootm(sha_algo, 'unsigned images', 'dev-', True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed images', 'dev+', True)

        # Create a fresh .dtb without the public keys
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
        make_fit('sign-configs-%s%s.its' % (sha_algo , padding))
        run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed config', 'dev+', True)

        cons.log.action('%s: Check signed config on the host' % sha_algo)

        util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir,
                                '-k', dtb])

        # Replace header bytes
        bcfg = u_boot_console.config.buildconfig
        max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0)
        existing_size = replace_fit_totalsize(max_size + 1)
        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)
        cons.log.action('%s: Check overflowed FIT header totalsize' % sha_algo)

        # Replace with existing header bytes
        replace_fit_totalsize(existing_size)
        run_bootm(sha_algo, 'signed config', 'dev+', True)
        cons.log.action('%s: Check default FIT header totalsize' % sha_algo)

        # Increment the first byte of the signature, which should cause failure
        sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' %
                               (fit, sig_node))
        byte_list = sig.split()
        byte = int(byte_list[0], 16)
        byte_list[0] = '%x' % (byte + 1)
        sig = ' '.join(byte_list)
        util.run_and_log(cons, 'fdtput -t bx %s %s value %s' %
                         (fit, sig_node, sig))

        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)

        cons.log.action('%s: Check bad config on the host' % sha_algo)
        util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,
                '-k', dtb], 1, 'Failed to verify required signature')

    cons = u_boot_console
    tmpdir = cons.config.result_dir + '/'
    tmp = tmpdir + 'vboot.tmp'
    datadir = cons.config.source_dir + '/test/py/tests/vboot/'
    fit = '%stest.fit' % tmpdir
    mkimage = cons.config.build_dir + '/tools/mkimage'
    fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
    dtc_args = '-I dts -O dtb -i %s' % tmpdir
    dtb = '%ssandbox-u-boot.dtb' % tmpdir
    sig_node = '/configurations/conf-1/signature'

    # Create an RSA key pair
    public_exponent = 65537
    util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
                     '-pkeyopt rsa_keygen_bits:2048 '
                     '-pkeyopt rsa_keygen_pubexp:%d' %
                     (tmpdir, public_exponent))

    # Create a certificate containing the public key
    util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
                     '%sdev.crt' % (tmpdir, tmpdir))

    # Create a number kernel image with zeroes
    with open('%stest-kernel.bin' % tmpdir, 'w') as fd:
        fd.write(5000 * chr(0))

    try:
        # We need to use our own device tree file. Remember to restore it
        # afterwards.
        old_dtb = cons.config.dtb
        cons.config.dtb = dtb
        test_with_algo('sha1','')
        test_with_algo('sha1','-pss')
        test_with_algo('sha256','')
        test_with_algo('sha256','-pss')
    finally:
        # Go back to the original U-Boot with the correct dtb.
        cons.config.dtb = old_dtb
        cons.restart_uboot()
예제 #41
0
    def launch_efi(enable_fdt, enable_comp):
        """Launch U-Boot's helloworld.efi binary from a FIT image.

        An external image file can be downloaded from TFTP, when related
        details are provided by the boardenv_* file; see the comment at the
        beginning of this file.

        If the size of the TFTP file is not provided within env__efi_fit_tftp_file,
        the test image is generated automatically and placed in the TFTP root
        directory specified via the 'dn' field.

        When running the tests on Sandbox, the image file is loaded directly
        from the host filesystem.

        Once the load address is available on U-Boot console, the 'bootm'
        command is executed for either 'config-efi-fdt' or 'config-efi-nofdt'
        FIT configuration, depending on the value of the 'enable_fdt' function
        argument.

        Eventually the 'Hello, world' message is expected in the U-Boot console.

        Args:
            enable_fdt: Flag to enable using the FDT blob inside FIT image.
            enable_comp: Flag to enable GZIP compression on EFI and FDT
                generated content.
        """

        with cons.log.section('FDT=%s;COMP=%s' % (enable_fdt, enable_comp)):
            if is_sandbox:
                fit = {
                    'dn': cons.config.build_dir,
                }
            else:
                # Init networking.
                net_pre_commands()
                net_set_up = net_dhcp()
                net_set_up = net_setup_static() or net_set_up
                if not net_set_up:
                    pytest.skip('Network not initialized')

                fit = cons.config.env.get('env__efi_fit_tftp_file', None)
                if not fit:
                    pytest.skip('No env__efi_fit_tftp_file binary specified in environment')

            sz = fit.get('size', None)
            if not sz:
                if not fit.get('dn', None):
                    pytest.skip('Neither "size", nor "dn" info provided in env__efi_fit_tftp_file')

                # Create test FIT image.
                fit_path = make_fit(enable_comp)
                fit['fn'] = os.path.basename(fit_path)
                fit['size'] = os.path.getsize(fit_path)

                # Copy image to TFTP root directory.
                if fit['dn'] != cons.config.build_dir:
                    util.run_and_log(cons, ['mv', '-f', fit_path, '%s/' % fit['dn']])

            # Load FIT image.
            addr = load_fit_from_host(fit) if is_sandbox else load_fit_from_tftp(fit)

            # Select boot configuration.
            fit_config = 'config-efi-fdt' if enable_fdt else 'config-efi-nofdt'

            # Try booting.
            cons.run_command(
                    'bootm %x#%s' % (addr, fit_config), wait_for_prompt=False)
            if enable_fdt:
                cons.wait_for('Booting using the fdt blob')
            cons.wait_for('Hello, world')
            cons.wait_for('## Application terminated, r = 0')
            cons.restart_uboot();