Hi Sughosh, On Tue, 13 Jun 2023 at 11:39, Sughosh Ganu <[email protected]> wrote: > > Support has been added to generate capsules through parameters > specified in the config file. To bring this under the testing ambit, > make changes in the EFI capsule test logic to generate the capsule > files by parsing the config file, when the path to the config file is > specified. > > Signed-off-by: Sughosh Ganu <[email protected]> > --- > configs/sandbox_defconfig | 1 + > test/py/tests/test_efi_capsule/conftest.py | 106 +++++++++++------- > .../test_efi_capsule/sandbox_capsule_cfg.txt | 75 +++++++++++++ > 3 files changed, 139 insertions(+), 43 deletions(-) > create mode 100644 test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt > > diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig > index d8a2386bb0..ba26816898 100644 > --- a/configs/sandbox_defconfig > +++ b/configs/sandbox_defconfig > @@ -340,6 +340,7 @@ CONFIG_EFI_CAPSULE_ON_DISK=y > CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y > CONFIG_EFI_CAPSULE_AUTHENTICATE=y > CONFIG_EFI_CAPSULE_ESL_FILE="/tmp/capsules/SIGNER.esl" > +CONFIG_EFI_CAPSULE_CFG_FILE="/tmp/capsules/sandbox_capsule_cfg.txt" > CONFIG_EFI_SECURE_BOOT=y > CONFIG_TEST_FDTDEC=y > CONFIG_UNIT_TEST=y > diff --git a/test/py/tests/test_efi_capsule/conftest.py > b/test/py/tests/test_efi_capsule/conftest.py > index 4269c41a74..4eb54c1a61 100644 > --- a/test/py/tests/test_efi_capsule/conftest.py > +++ b/test/py/tests/test_efi_capsule/conftest.py > @@ -42,21 +42,6 @@ def efi_capsule_data(request, u_boot_config): > check_call('cd %s; %s/tools/mkimage -f uboot_bin_env.its > uboot_bin_env.itb' % > (data_dir, u_boot_config.build_dir), > shell=True) > - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test01' % > - (data_dir, u_boot_config.build_dir), > - shell=True) > - check_call('cd %s; %s/tools/mkeficapsule --index 2 --guid > 5A7021F5-FEF2-48B4-AABA-832E777418C0 u-boot.env.new Test02' % > - (data_dir, u_boot_config.build_dir), > - shell=True) > - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 058B7D83-50D5-4C47-A195-60D86AD341C4 u-boot.bin.new Test03' % > - (data_dir, u_boot_config.build_dir), > - shell=True) > - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test04' % > - (data_dir, u_boot_config.build_dir), > - shell=True) > - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 058B7D83-50D5-4C47-A195-60D86AD341C4 uboot_bin_env.itb Test05' % > - (data_dir, u_boot_config.build_dir), > - shell=True) > > capsule_auth_enabled = u_boot_config.buildconfig.get( > 'config_efi_capsule_authenticate') > @@ -66,40 +51,75 @@ def efi_capsule_data(request, u_boot_config): > check_call('cp %s/arch/sandbox/dts/test.dtb %s/test_sig.dtb' % > (u_boot_config.build_dir, data_dir), shell=True) > > - # raw firmware signed with proper key > - check_call('cd %s; ' > - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' > - '--private-key SIGNER.key --certificate > SIGNER.crt ' > - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' > - 'u-boot.bin.new Test11' > - % (data_dir, u_boot_config.build_dir), > + cfg_file = u_boot_config.buildconfig.get( > + 'config_efi_capsule_cfg_file')[1:-1] > + if cfg_file: > + capsules_path_dir = '/tmp/capsules/' > + check_call('mkdir -p %s ;' > + 'cp -a %s/* %s/' % (capsules_path_dir, data_dir, > capsules_path_dir), > shell=True) > - # raw firmware signed with *mal* key > - check_call('cd %s; ' > - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' > - '--private-key SIGNER2.key ' > - '--certificate SIGNER2.crt ' > - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' > - 'u-boot.bin.new Test12' > - % (data_dir, u_boot_config.build_dir), > + check_call(' cp > %s/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt %s' > + % (u_boot_config.source_dir, capsules_path_dir), > shell=True) > - # FIT firmware signed with proper key > check_call('cd %s; ' > - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' > - '--private-key SIGNER.key --certificate > SIGNER.crt ' > - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' > - 'uboot_bin_env.itb Test13' > - % (data_dir, u_boot_config.build_dir), > + 'make capsule O=%s' % (u_boot_config.source_dir, > u_boot_config.build_dir), > shell=True) > - # FIT firmware signed with *mal* key > check_call('cd %s; ' > - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' > - '--private-key SIGNER2.key ' > - '--certificate SIGNER2.crt ' > - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' > - 'uboot_bin_env.itb Test14' > - % (data_dir, u_boot_config.build_dir), > + 'mv Test* %s' > + % (capsules_path_dir, data_dir), shell=True) > + check_call('rm -rf %s' % capsules_path_dir, shell=True) > + else: > + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test01' % > + (data_dir, u_boot_config.build_dir), > + shell=True) > + check_call('cd %s; %s/tools/mkeficapsule --index 2 --guid > 5A7021F5-FEF2-48B4-AABA-832E777418C0 u-boot.env.new Test02' % > + (data_dir, u_boot_config.build_dir), > shell=True) > + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 058B7D83-50D5-4C47-A195-60D86AD341C4 u-boot.bin.new Test03' % > + (data_dir, u_boot_config.build_dir), > + shell=True) > + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test04' % > + (data_dir, u_boot_config.build_dir), > + shell=True) > + check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid > 058B7D83-50D5-4C47-A195-60D86AD341C4 uboot_bin_env.itb Test05' % > + (data_dir, u_boot_config.build_dir), > + shell=True) > + > + if capsule_auth_enabled: > + # raw firmware signed with proper key > + check_call('cd %s; ' > + '%s/tools/mkeficapsule --index 1 > --monotonic-count 1 ' > + '--private-key SIGNER.key --certificate > SIGNER.crt ' > + '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' > + 'u-boot.bin.new Test11' > + % (data_dir, u_boot_config.build_dir), > + shell=True) > + # raw firmware signed with *mal* key > + check_call('cd %s; ' > + '%s/tools/mkeficapsule --index 1 > --monotonic-count 1 ' > + '--private-key SIGNER2.key ' > + '--certificate SIGNER2.crt ' > + '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' > + 'u-boot.bin.new Test12' > + % (data_dir, u_boot_config.build_dir), > + shell=True) > + # FIT firmware signed with proper key > + check_call('cd %s; ' > + '%s/tools/mkeficapsule --index 1 > --monotonic-count 1 ' > + '--private-key SIGNER.key --certificate > SIGNER.crt ' > + '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' > + 'uboot_bin_env.itb Test13' > + % (data_dir, u_boot_config.build_dir), > + shell=True) > + # FIT firmware signed with *mal* key > + check_call('cd %s; ' > + '%s/tools/mkeficapsule --index 1 > --monotonic-count 1 ' > + '--private-key SIGNER2.key ' > + '--certificate SIGNER2.crt ' > + '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' > + 'uboot_bin_env.itb Test14' > + % (data_dir, u_boot_config.build_dir), > + shell=True) > > # Create a disk image with EFI system partition > check_call('virt-make-fs --partition=gpt --size=+1M --type=vfat %s > %s' % > diff --git a/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt > b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt > new file mode 100644 > index 0000000000..4e5065d538 > --- /dev/null > +++ b/test/py/tests/test_efi_capsule/sandbox_capsule_cfg.txt > @@ -0,0 +1,75 @@ > +{ > + image-index: 1 > + image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8 > + payload: /tmp/capsules/u-boot.bin.new > + capsule: /tmp/capsules/Test01 > +} > +{ > + image-index: 2 > + image-guid: 5A7021F5-FEF2-48B4-AABA-832E777418C0 > + payload: /tmp/capsules/u-boot.env.new > + capsule: /tmp/capsules/Test02 > +} > +{ > + image-index: 1 > + image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4 > + payload: /tmp/capsules/u-boot.bin.new > + capsule: /tmp/capsules/Test03 > + > +} > +{ > + image-index: 1 > + image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937 > + payload: /tmp/capsules/uboot_bin_env.itb > + capsule: /tmp/capsules/Test04 > + > +} > +{ > + image-index: 1 > + image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4 > + payload: /tmp/capsules/uboot_bin_env.itb > + capsule: /tmp/capsules/Test05 > + > +} > +{ > + image-index: 1 > + image-guid: 058B7D83-50D5-4C47-A195-60D86AD341C4 > + payload: /tmp/capsules/uboot_bin_env.itb > + capsule: /tmp/capsules/Test05 > +} > +{ > + image-index: 1 > + monotonic-count: 1 > + private-key: /tmp/capsules/SIGNER.key > + pub-key-cert: /tmp/capsules/SIGNER.crt > + image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8 > + payload: /tmp/capsules/u-boot.bin.new > + capsule: /tmp/capsules/Test11 > +} > +{ > + image-index: 1 > + monotonic-count: 1 > + private-key: /tmp/capsules/SIGNER2.key > + pub-key-cert: /tmp/capsules/SIGNER2.crt > + image-guid: 09D7CF52-0720-4710-91D1-08469B7FE9C8 > + payload: /tmp/capsules/u-boot.bin.new > + capsule: /tmp/capsules/Test12 > +} > +{ > + image-index: 1 > + monotonic-count: 1 > + private-key: /tmp/capsules/SIGNER.key > + pub-key-cert: /tmp/capsules/SIGNER.crt > + image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937 > + payload: /tmp/capsules/uboot_bin_env.itb > + capsule: /tmp/capsules/Test13 > +} > +{ > + image-index: 1 > + monotonic-count: 1 > + private-key: /tmp/capsules/SIGNER2.key > + pub-key-cert: /tmp/capsules/SIGNER2.crt > + image-guid: 3673B45D-6A7C-46F3-9E60-ADABB03F7937 > + payload: /tmp/capsules/uboot_bin_env.itb > + capsule: /tmp/capsules/Test14 > +} > -- > 2.34.1 >
These tests should really be in binman. Regards, Simon
