X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=test%2Fpy%2Ftests%2Ftest_vboot.py;h=ee939f2034e5aa68889643ff94f650dc5c27661f;hb=2dffe1c6adc0dfb1fdce8a32e88a95ddec9004a7;hp=021892bb3dac917458e95904e3336312aca45d2a;hpb=7edb17670cdca0ee5de8b8eb61753ad6b7fc33e6;p=oweals%2Fu-boot.git diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index 021892bb3d..ee939f2034 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -1,6 +1,5 @@ -# Copyright (c) 2016, Google Inc. -# # SPDX-License-Identifier: GPL-2.0+ +# Copyright (c) 2016, Google Inc. # # U-Boot Verified Boot Test @@ -31,6 +30,10 @@ import u_boot_utils as util @pytest.mark.boardspec('sandbox') @pytest.mark.buildconfigspec('fit_signature') +@pytest.mark.requiredtool('dtc') +@pytest.mark.requiredtool('fdtget') +@pytest.mark.requiredtool('fdtput') +@pytest.mark.requiredtool('openssl') def test_vboot(u_boot_console): """Test verified boot signing with mkimage and verification with 'bootm'. @@ -53,7 +56,7 @@ def test_vboot(u_boot_console): util.run_and_log(cons, 'dtc %s %s%s -O dtb ' '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb)) - def run_bootm(sha_algo, test_type, expect_string): + def run_bootm(sha_algo, test_type, expect_string, boots): """Run a 'bootm' command U-Boot. This always starts a fresh U-Boot instance since the device tree may @@ -64,6 +67,8 @@ def test_vboot(u_boot_console): expect_string: A string which is expected in the output. sha_algo: Either 'sha1' or 'sha256', to select the algorithm to use. + boots: A boolean that is True if Linux should boot and False if + we are expected to not boot """ cons.restart_uboot() with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)): @@ -72,6 +77,8 @@ def test_vboot(u_boot_console): 'fdt addr 100', 'bootm 100']) assert(expect_string in ''.join(output)) + if boots: + assert('sandbox: continuing, as we cannot run' in ''.join(output)) def make_fit(its): """Make a new FIT from the .its source file. @@ -117,22 +124,22 @@ def test_vboot(u_boot_console): # Build the FIT, but don't sign anything yet cons.log.action('%s: Test FIT with signed images' % sha_algo) make_fit('sign-images-%s.its' % sha_algo) - run_bootm(sha_algo, 'unsigned images', 'dev-') + run_bootm(sha_algo, 'unsigned images', 'dev-', True) # Sign images with our dev keys sign_fit(sha_algo) - run_bootm(sha_algo, 'signed images', 'dev+') + run_bootm(sha_algo, 'signed images', 'dev+', True) # Create a fresh .dtb without the public keys dtc('sandbox-u-boot.dts') cons.log.action('%s: Test FIT with signed configuration' % sha_algo) make_fit('sign-configs-%s.its' % sha_algo) - run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo) + run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True) # Sign images with our dev keys sign_fit(sha_algo) - run_bootm(sha_algo, 'signed config', 'dev+') + run_bootm(sha_algo, 'signed config', 'dev+', True) cons.log.action('%s: Check signed config on the host' % sha_algo) @@ -149,7 +156,7 @@ def test_vboot(u_boot_console): util.run_and_log(cons, 'fdtput -t bx %s %s value %s' % (fit, sig_node, sig)) - run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash') + run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False) cons.log.action('%s: Check bad config on the host' % sha_algo) util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,