Merge branch '2018-12-03-master-imports'

- Baltos platform updates - rtc m41t62 converted to DM. - PowerPC MPC8xx DM conversion - Verified boot updates
author: Tom Rini <trini@konsulko.com> 2018-12-03 16:23:03 -0500
committer: Tom Rini <trini@konsulko.com> 2018-12-03 16:23:03 -0500
commit: cf7c6f533331ff032d8949663ab2abe618da9cb4 (patch)
tree: 05b83585e594685f83f626c21071172be1d607e5 /test
parent: 8f5bfb7615e82ffccebf79530b08034f81e56268 (diff)
parent: fb0204e48b3e5ed5ecdfab89229140b6d4a1a08b (diff)
9 files changed, 222 insertions, 40 deletions
diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py
index 92144d4c1e..4627ceb026 100644
--- a/test/py/tests/test_vboot.py
+++ b/test/py/tests/test_vboot.py
@@ -126,7 +126,7 @@ def test_vboot(u_boot_console):
             handle.write(struct.pack(">I", size))
         return struct.unpack(">I", total_size)[0]
 
-    def test_with_algo(sha_algo):
+    def test_with_algo(sha_algo, padding):
         """Test verified boot with the given hash algorithm.
 
         This is the main part of the test code. The same procedure is followed
@@ -144,7 +144,7 @@ def test_vboot(u_boot_console):
 
         # Build the FIT, but don't sign anything yet
         cons.log.action('%s: Test FIT with signed images' % sha_algo)
-        make_fit('sign-images-%s.its' % sha_algo)
+        make_fit('sign-images-%s%s.its' % (sha_algo , padding))
         run_bootm(sha_algo, 'unsigned images', 'dev-', True)
 
         # Sign images with our dev keys
@@ -155,7 +155,7 @@ def test_vboot(u_boot_console):
         dtc('sandbox-u-boot.dts')
 
         cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
-        make_fit('sign-configs-%s.its' % sha_algo)
+        make_fit('sign-configs-%s%s.its' % (sha_algo , padding))
         run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)
 
         # Sign images with our dev keys
@@ -204,7 +204,7 @@ def test_vboot(u_boot_console):
     fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
     dtc_args = '-I dts -O dtb -i %s' % tmpdir
     dtb = '%ssandbox-u-boot.dtb' % tmpdir
-    sig_node = '/configurations/conf@1/signature@1'
+    sig_node = '/configurations/conf-1/signature'
 
     # Create an RSA key pair
     public_exponent = 65537
@@ -226,8 +226,10 @@ def test_vboot(u_boot_console):
         # afterwards.
         old_dtb = cons.config.dtb
         cons.config.dtb = dtb
-        test_with_algo('sha1')
-        test_with_algo('sha256')
+        test_with_algo('sha1','')
+        test_with_algo('sha1','-pss')
+        test_with_algo('sha256','')
+        test_with_algo('sha256','-pss')
     finally:
         # Go back to the original U-Boot with the correct dtb.
         cons.config.dtb = old_dtb
diff --git a/test/py/tests/vboot/sign-configs-sha1-pss.its b/test/py/tests/vboot/sign-configs-sha1-pss.its
new file mode 100644
index 0000000000..72a5637e3a
--- /dev/null
+++ b/test/py/tests/vboot/sign-configs-sha1-pss.its
@@ -0,0 +1,46 @@
+/dts-v1/;
+
+/ {
+	description = "Chrome OS kernel image with one or more FDT blobs";
+	#address-cells = <1>;
+
+	images {
+		kernel {
+			data = /incbin/("test-kernel.bin");
+			type = "kernel_noload";
+			arch = "sandbox";
+			os = "linux";
+			compression = "none";
+			load = <0x4>;
+			entry = <0x8>;
+			kernel-version = <1>;
+			hash-1 {
+				algo = "sha1";
+			};
+		};
+		fdt-1 {
+			description = "snow";
+			data = /incbin/("sandbox-kernel.dtb");
+			type = "flat_dt";
+			arch = "sandbox";
+			compression = "none";
+			fdt-version = <1>;
+			hash-1 {
+				algo = "sha1";
+			};
+		};
+	};
+	configurations {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+			signature {
+				algo = "sha1,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+				sign-images = "fdt", "kernel";
+			};
+		};
+	};
+};
diff --git a/test/py/tests/vboot/sign-configs-sha1.its b/test/py/tests/vboot/sign-configs-sha1.its
index db2ed79355..d8bc1fa091 100644
--- a/test/py/tests/vboot/sign-configs-sha1.its
+++ b/test/py/tests/vboot/sign-configs-sha1.its
@@ -5,7 +5,7 @@
 	#address-cells = <1>;
 
 	images {
-		kernel@1 {
+		kernel {
 			data = /incbin/("test-kernel.bin");
 			type = "kernel_noload";
 			arch = "sandbox";
@@ -14,28 +14,28 @@
 			load = <0x4>;
 			entry = <0x8>;
 			kernel-version = <1>;
-			hash@1 {
+			hash-1 {
 				algo = "sha1";
 			};
 		};
-		fdt@1 {
+		fdt-1 {
 			description = "snow";
 			data = /incbin/("sandbox-kernel.dtb");
 			type = "flat_dt";
 			arch = "sandbox";
 			compression = "none";
 			fdt-version = <1>;
-			hash@1 {
+			hash-1 {
 				algo = "sha1";
 			};
 		};
 	};
 	configurations {
-		default = "conf@1";
-		conf@1 {
-			kernel = "kernel@1";
-			fdt = "fdt@1";
-			signature@1 {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+			signature {
 				algo = "sha1,rsa2048";
 				key-name-hint = "dev";
 				sign-images = "fdt", "kernel";
diff --git a/test/py/tests/vboot/sign-configs-sha256-pss.its b/test/py/tests/vboot/sign-configs-sha256-pss.its
new file mode 100644
index 0000000000..7bdcc7e286
--- /dev/null
+++ b/test/py/tests/vboot/sign-configs-sha256-pss.its
@@ -0,0 +1,46 @@
+/dts-v1/;
+
+/ {
+	description = "Chrome OS kernel image with one or more FDT blobs";
+	#address-cells = <1>;
+
+	images {
+		kernel {
+			data = /incbin/("test-kernel.bin");
+			type = "kernel_noload";
+			arch = "sandbox";
+			os = "linux";
+			compression = "none";
+			load = <0x4>;
+			entry = <0x8>;
+			kernel-version = <1>;
+			hash-1 {
+				algo = "sha256";
+			};
+		};
+		fdt-1 {
+			description = "snow";
+			data = /incbin/("sandbox-kernel.dtb");
+			type = "flat_dt";
+			arch = "sandbox";
+			compression = "none";
+			fdt-version = <1>;
+			hash-1 {
+				algo = "sha256";
+			};
+		};
+	};
+	configurations {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+			signature {
+				algo = "sha256,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+				sign-images = "fdt", "kernel";
+			};
+		};
+	};
+};
diff --git a/test/py/tests/vboot/sign-configs-sha256.its b/test/py/tests/vboot/sign-configs-sha256.its
index 1b3432ec14..f5591aad30 100644
--- a/test/py/tests/vboot/sign-configs-sha256.its
+++ b/test/py/tests/vboot/sign-configs-sha256.its
@@ -5,7 +5,7 @@
 	#address-cells = <1>;
 
 	images {
-		kernel@1 {
+		kernel {
 			data = /incbin/("test-kernel.bin");
 			type = "kernel_noload";
 			arch = "sandbox";
@@ -14,28 +14,28 @@
 			load = <0x4>;
 			entry = <0x8>;
 			kernel-version = <1>;
-			hash@1 {
+			hash-1 {
 				algo = "sha256";
 			};
 		};
-		fdt@1 {
+		fdt-1 {
 			description = "snow";
 			data = /incbin/("sandbox-kernel.dtb");
 			type = "flat_dt";
 			arch = "sandbox";
 			compression = "none";
 			fdt-version = <1>;
-			hash@1 {
+			hash-1 {
 				algo = "sha256";
 			};
 		};
 	};
 	configurations {
-		default = "conf@1";
-		conf@1 {
-			kernel = "kernel@1";
-			fdt = "fdt@1";
-			signature@1 {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+			signature {
 				algo = "sha256,rsa2048";
 				key-name-hint = "dev";
 				sign-images = "fdt", "kernel";
diff --git a/test/py/tests/vboot/sign-images-sha1-pss.its b/test/py/tests/vboot/sign-images-sha1-pss.its
new file mode 100644
index 0000000000..ded7ae4f55
--- /dev/null
+++ b/test/py/tests/vboot/sign-images-sha1-pss.its
@@ -0,0 +1,44 @@
+/dts-v1/;
+
+/ {
+	description = "Chrome OS kernel image with one or more FDT blobs";
+	#address-cells = <1>;
+
+	images {
+		kernel {
+			data = /incbin/("test-kernel.bin");
+			type = "kernel_noload";
+			arch = "sandbox";
+			os = "linux";
+			compression = "none";
+			load = <0x4>;
+			entry = <0x8>;
+			kernel-version = <1>;
+			signature {
+				algo = "sha1,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+			};
+		};
+		fdt-1 {
+			description = "snow";
+			data = /incbin/("sandbox-kernel.dtb");
+			type = "flat_dt";
+			arch = "sandbox";
+			compression = "none";
+			fdt-version = <1>;
+			signature {
+				algo = "sha1,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+			};
+		};
+	};
+	configurations {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+		};
+	};
+};
diff --git a/test/py/tests/vboot/sign-images-sha1.its b/test/py/tests/vboot/sign-images-sha1.its
index f69326a39b..18c759e9e6 100644
--- a/test/py/tests/vboot/sign-images-sha1.its
+++ b/test/py/tests/vboot/sign-images-sha1.its
@@ -5,7 +5,7 @@
 	#address-cells = <1>;
 
 	images {
-		kernel@1 {
+		kernel {
 			data = /incbin/("test-kernel.bin");
 			type = "kernel_noload";
 			arch = "sandbox";
@@ -14,29 +14,29 @@
 			load = <0x4>;
 			entry = <0x8>;
 			kernel-version = <1>;
-			signature@1 {
+			signature {
 				algo = "sha1,rsa2048";
 				key-name-hint = "dev";
 			};
 		};
-		fdt@1 {
+		fdt-1 {
 			description = "snow";
 			data = /incbin/("sandbox-kernel.dtb");
 			type = "flat_dt";
 			arch = "sandbox";
 			compression = "none";
 			fdt-version = <1>;
-			signature@1 {
+			signature {
 				algo = "sha1,rsa2048";
 				key-name-hint = "dev";
 			};
 		};
 	};
 	configurations {
-		default = "conf@1";
-		conf@1 {
-			kernel = "kernel@1";
-			fdt = "fdt@1";
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
 		};
 	};
 };
diff --git a/test/py/tests/vboot/sign-images-sha256-pss.its b/test/py/tests/vboot/sign-images-sha256-pss.its
new file mode 100644
index 0000000000..34850cc6c5
--- /dev/null
+++ b/test/py/tests/vboot/sign-images-sha256-pss.its
@@ -0,0 +1,44 @@
+/dts-v1/;
+
+/ {
+	description = "Chrome OS kernel image with one or more FDT blobs";
+	#address-cells = <1>;
+
+	images {
+		kernel {
+			data = /incbin/("test-kernel.bin");
+			type = "kernel_noload";
+			arch = "sandbox";
+			os = "linux";
+			compression = "none";
+			load = <0x4>;
+			entry = <0x8>;
+			kernel-version = <1>;
+			signature {
+				algo = "sha256,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+			};
+		};
+		fdt-1 {
+			description = "snow";
+			data = /incbin/("sandbox-kernel.dtb");
+			type = "flat_dt";
+			arch = "sandbox";
+			compression = "none";
+			fdt-version = <1>;
+			signature {
+				algo = "sha256,rsa2048";
+				padding = "pss";
+				key-name-hint = "dev";
+			};
+		};
+	};
+	configurations {
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
+		};
+	};
+};
diff --git a/test/py/tests/vboot/sign-images-sha256.its b/test/py/tests/vboot/sign-images-sha256.its
index e6aa9fc409..bb0f8ee8a6 100644
--- a/test/py/tests/vboot/sign-images-sha256.its
+++ b/test/py/tests/vboot/sign-images-sha256.its
@@ -5,7 +5,7 @@
 	#address-cells = <1>;
 
 	images {
-		kernel@1 {
+		kernel {
 			data = /incbin/("test-kernel.bin");
 			type = "kernel_noload";
 			arch = "sandbox";
@@ -14,29 +14,29 @@
 			load = <0x4>;
 			entry = <0x8>;
 			kernel-version = <1>;
-			signature@1 {
+			signature {
 				algo = "sha256,rsa2048";
 				key-name-hint = "dev";
 			};
 		};
-		fdt@1 {
+		fdt-1 {
 			description = "snow";
 			data = /incbin/("sandbox-kernel.dtb");
 			type = "flat_dt";
 			arch = "sandbox";
 			compression = "none";
 			fdt-version = <1>;
-			signature@1 {
+			signature {
 				algo = "sha256,rsa2048";
 				key-name-hint = "dev";
 			};
 		};
 	};
 	configurations {
-		default = "conf@1";
-		conf@1 {
-			kernel = "kernel@1";
-			fdt = "fdt@1";
+		default = "conf-1";
+		conf-1 {
+			kernel = "kernel";
+			fdt = "fdt-1";
 		};
 	};
 };
author	Tom Rini <trini@konsulko.com>	2018-12-03 16:23:03 -0500
committer	Tom Rini <trini@konsulko.com>	2018-12-03 16:23:03 -0500
commit	cf7c6f533331ff032d8949663ab2abe618da9cb4 (patch)
tree	05b83585e594685f83f626c21071172be1d607e5 /test
parent	8f5bfb7615e82ffccebf79530b08034f81e56268 (diff)
parent	fb0204e48b3e5ed5ecdfab89229140b6d4a1a08b (diff)