diff options
Diffstat (limited to 'test')
30 files changed, 912 insertions, 173 deletions
diff --git a/test/Kconfig b/test/Kconfig index d71c332..3643761 100644 --- a/test/Kconfig +++ b/test/Kconfig @@ -17,3 +17,4 @@ config UT_TIME source "test/dm/Kconfig" source "test/env/Kconfig" +source "test/overlay/Kconfig" diff --git a/test/README b/test/README new file mode 100644 index 0000000..1142e9c --- /dev/null +++ b/test/README @@ -0,0 +1,92 @@ +Testing in U-Boot +================= + +U-Boot has a large amount of code. This file describes how this code is +tested and what tests you should write when adding a new feature. + + +Running tests +------------- + +To run most tests on sandbox, type this: + + test/run + +in the U-Boot directory. Note that only the pytest suite is run using this +command. + + +Sandbox +------- +U-Boot can be built as a user-space application (e.g. for Linux). This +allows test to be executed without needing target hardware. The 'sandbox' +target provides this feature and it is widely used in tests. + + +Pytest Suite +------------ + +Many tests are available using the pytest suite, in test/py. This can run +either on sandbox or on real hardware. It relies on the U-Boot console to +inject test commands and check the result. It is slower to run than C code, +but provides the ability to unify lots of tests and summarise their results. + +You can run the tests on sandbox with: + + ./test/py/test.py --bd sandbox --build + +This will produce HTML output in build-sandbox/test-log.html + +See test/py/README.md for more information about the pytest suite. + + +tbot +---- + +Tbot provides a way to execute tests on target hardware. It is intended for +trying out both U-Boot and Linux (and potentially other software) on a +number of boards automatically. It can be used to create a continuous test +environment. See tools/tbot/README for more information. + + +Ad-hoc tests +------------ + +There are several ad-hoc tests which run outside the pytest environment: + + test/fs - File system test (shell script) + test/image - FIT and legacy image tests (shell script and Python) + test/stdint - A test that stdint.h can be used in U-Boot (shell script) + trace - Test for the tracing feature (shell script) + +TODO: Move these into pytest. + + +When to write tests +------------------- + +If you add code to U-Boot without a test you are taking a risk. Even if you +perform thorough manual testing at the time of submission, it may break when +future changes are made to U-Boot. It may even break when applied to mainline, +if other changes interact with it. A good mindset is that untested code +probably doesn't work and should be deleted. + +You can assume that the Pytest suite will be run before patches are accepted +to mainline, so this provides protection against future breakage. + +On the other hand there is quite a bit of code that is not covered with tests, +or is covered sparingly. So here are some suggestions: + +- If you are adding a new uclass, add a sandbox driver and a test that uses it +- If you are modifying code covered by an existing test, add a new test case + to cover your changes +- If the code you are modifying has not tests, consider writing one. Even a + very basic test is useful, and may be picked up and enhanced by others. It + is much easier to add onto a test - writing a new large test can seem + daunting to most contributors. + + +Future work +----------- + +Converting existing shell scripts into pytest tests. diff --git a/test/cmd_ut.c b/test/cmd_ut.c index f6e1f41..1433342 100644 --- a/test/cmd_ut.c +++ b/test/cmd_ut.c @@ -19,6 +19,9 @@ static cmd_tbl_t cmd_ut_sub[] = { #if defined(CONFIG_UT_ENV) U_BOOT_CMD_MKENT(env, CONFIG_SYS_MAXARGS, 1, do_ut_env, "", ""), #endif +#ifdef CONFIG_UT_OVERLAY + U_BOOT_CMD_MKENT(overlay, CONFIG_SYS_MAXARGS, 1, do_ut_overlay, "", ""), +#endif #ifdef CONFIG_UT_TIME U_BOOT_CMD_MKENT(time, CONFIG_SYS_MAXARGS, 1, do_ut_time, "", ""), #endif @@ -68,6 +71,9 @@ static char ut_help_text[] = #ifdef CONFIG_UT_ENV "ut env [test-name]\n" #endif +#ifdef CONFIG_UT_OVERLAY + "ut overlay [test-name]\n" +#endif #ifdef CONFIG_UT_TIME "ut time - Very basic test of time functions\n" #endif diff --git a/test/dm/Makefile b/test/dm/Makefile index cad3374..1885e17 100644 --- a/test/dm/Makefile +++ b/test/dm/Makefile @@ -24,6 +24,7 @@ obj-$(CONFIG_LED) += led.o obj-$(CONFIG_DM_MAILBOX) += mailbox.o obj-$(CONFIG_DM_MMC) += mmc.o obj-$(CONFIG_DM_PCI) += pci.o +obj-$(CONFIG_POWER_DOMAIN) += power-domain.o obj-$(CONFIG_RAM) += ram.o obj-y += regmap.o obj-$(CONFIG_REMOTEPROC) += remoteproc.o diff --git a/test/dm/bus.c b/test/dm/bus.c index 3b5a23b..d94dcf7 100644 --- a/test/dm/bus.c +++ b/test/dm/bus.c @@ -7,7 +7,6 @@ #include <common.h> #include <dm.h> #include <dm/device-internal.h> -#include <dm/root.h> #include <dm/test.h> #include <dm/uclass-internal.h> #include <dm/util.h> @@ -30,7 +29,7 @@ static struct dm_test_state *test_state; static int testbus_drv_probe(struct udevice *dev) { - return dm_scan_fdt_node(dev, gd->fdt_blob, dev->of_offset, false); + return dm_scan_fdt_dev(dev); } static int testbus_child_post_bind(struct udevice *dev) diff --git a/test/dm/i2c.c b/test/dm/i2c.c index 23d612e..e2688bf 100644 --- a/test/dm/i2c.c +++ b/test/dm/i2c.c @@ -31,8 +31,8 @@ static int dm_test_i2c_find(struct unit_test_state *uts) false, &bus)); /* - * i2c_post_bind() will bind devices to chip selects. Check this then - * remove the emulation and the slave device. + * The post_bind() method will bind devices to chip selects. Check + * this then remove the emulation and the slave device. */ ut_assertok(uclass_get_device_by_seq(UCLASS_I2C, busnum, &bus)); ut_assertok(dm_i2c_probe(bus, chip, 0, &dev)); diff --git a/test/dm/power-domain.c b/test/dm/power-domain.c new file mode 100644 index 0000000..379a8fa --- /dev/null +++ b/test/dm/power-domain.c @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2016, NVIDIA CORPORATION. + * + * SPDX-License-Identifier: GPL-2.0 + */ + +#include <common.h> +#include <dm.h> +#include <dm/test.h> +#include <asm/power-domain.h> +#include <test/ut.h> + +/* This must match the specifier for power-domains in the DT node */ +#define TEST_POWER_DOMAIN 2 + +static int dm_test_power_domain(struct unit_test_state *uts) +{ + struct udevice *dev_power_domain; + struct udevice *dev_test; + + ut_assertok(uclass_get_device_by_name(UCLASS_POWER_DOMAIN, + "power-domain", + &dev_power_domain)); + ut_asserteq(0, sandbox_power_domain_query(dev_power_domain, 0)); + ut_asserteq(0, sandbox_power_domain_query(dev_power_domain, + TEST_POWER_DOMAIN)); + + ut_assertok(uclass_get_device_by_name(UCLASS_MISC, "power-domain-test", + &dev_test)); + ut_assertok(sandbox_power_domain_test_get(dev_test)); + + ut_assertok(sandbox_power_domain_test_on(dev_test)); + ut_asserteq(0, sandbox_power_domain_query(dev_power_domain, 0)); + ut_asserteq(1, sandbox_power_domain_query(dev_power_domain, + TEST_POWER_DOMAIN)); + + ut_assertok(sandbox_power_domain_test_off(dev_test)); + ut_asserteq(0, sandbox_power_domain_query(dev_power_domain, 0)); + ut_asserteq(0, sandbox_power_domain_query(dev_power_domain, + TEST_POWER_DOMAIN)); + + ut_assertok(sandbox_power_domain_test_free(dev_test)); + + return 0; +} +DM_TEST(dm_test_power_domain, DM_TESTF_SCAN_FDT); diff --git a/test/dm/spi.c b/test/dm/spi.c index 2e27da7..5733096 100644 --- a/test/dm/spi.c +++ b/test/dm/spi.c @@ -30,8 +30,8 @@ static int dm_test_spi_find(struct unit_test_state *uts) false, &bus)); /* - * spi_post_bind() will bind devices to chip selects. Check this then - * remove the emulation and the slave device. + * The post_bind() method will bind devices to chip selects. Check + * this then remove the emulation and the slave device. */ ut_asserteq(0, uclass_get_device_by_seq(UCLASS_SPI, busnum, &bus)); ut_assertok(spi_cs_info(bus, cs, &info)); diff --git a/test/overlay/Kconfig b/test/overlay/Kconfig new file mode 100644 index 0000000..13c8542 --- /dev/null +++ b/test/overlay/Kconfig @@ -0,0 +1,11 @@ +config UT_OVERLAY + bool "Enable Device Tree Overlays Unit Tests" + depends on OF_LIBFDT_OVERLAY + depends on UNIT_TEST + help + This enables the 'ut overlay' command which runs a series of unit + tests on the fdt overlay code. + If all is well then all tests pass although there will be a few + messages printed along the way. + Be warned that it requires an out-of-tree dtc compiler with patches + to support the DT overlays, otherwise it will fail. diff --git a/test/overlay/Makefile b/test/overlay/Makefile new file mode 100644 index 0000000..907f085 --- /dev/null +++ b/test/overlay/Makefile @@ -0,0 +1,15 @@ +# +# Copyright (c) 2016 NextThing Co +# Copyright (c) 2016 Free Electrons +# +# SPDX-License-Identifier: GPL-2.0+ +# + +# Test files +obj-y += cmd_ut_overlay.o + +DTC_FLAGS += -@ + +# DT overlays +obj-y += test-fdt-base.dtb.o +obj-y += test-fdt-overlay.dtb.o diff --git a/test/overlay/cmd_ut_overlay.c b/test/overlay/cmd_ut_overlay.c new file mode 100644 index 0000000..87dc932 --- /dev/null +++ b/test/overlay/cmd_ut_overlay.c @@ -0,0 +1,268 @@ +/* + * Copyright (c) 2016 NextThing Co + * Copyright (c) 2016 Free Electrons + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +#include <common.h> +#include <command.h> +#include <errno.h> +#include <malloc.h> + +#include <linux/sizes.h> + +#include <test/ut.h> +#include <test/overlay.h> + +/* 4k ought to be enough for anybody */ +#define FDT_COPY_SIZE (4 * SZ_1K) + +extern u32 __dtb_test_fdt_base_begin; +extern u32 __dtb_test_fdt_overlay_begin; + +static int fdt_getprop_u32_by_index(void *fdt, const char *path, + const char *name, int index, + u32 *out) +{ + const fdt32_t *val; + int node_off; + int len; + + node_off = fdt_path_offset(fdt, path); + if (node_off < 0) + return node_off; + + val = fdt_getprop(fdt, node_off, name, &len); + if (!val || (len < (sizeof(uint32_t) * (index + 1)))) + return -FDT_ERR_NOTFOUND; + + *out = fdt32_to_cpu(*(val + index)); + + return 0; +} + +static int fdt_getprop_u32(void *fdt, const char *path, const char *name, + u32 *out) +{ + return fdt_getprop_u32_by_index(fdt, path, name, 0, out); +} + +static int fdt_getprop_str(void *fdt, const char *path, const char *name, + const char **out) +{ + int node_off; + + node_off = fdt_path_offset(fdt, path); + if (node_off < 0) + return node_off; + + return fdt_get_string(fdt, node_off, name, out); +} + +static int fdt_overlay_change_int_property(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + u32 val = 0; + + ut_assertok(fdt_getprop_u32(fdt, "/test-node", "test-int-property", + &val)); + ut_asserteq(43, val); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_change_int_property, 0); + +static int fdt_overlay_change_str_property(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + const char *val = NULL; + + ut_assertok(fdt_getprop_str(fdt, "/test-node", "test-str-property", + &val)); + ut_asserteq_str("foobar", val); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_change_str_property, 0); + +static int fdt_overlay_add_str_property(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + const char *val = NULL; + + ut_assertok(fdt_getprop_str(fdt, "/test-node", "test-str-property-2", + &val)); + ut_asserteq_str("foobar2", val); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_add_str_property, 0); + +static int fdt_overlay_add_node_by_phandle(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + int off; + + off = fdt_path_offset(fdt, "/test-node/new-node"); + ut_assert(off >= 0); + + ut_assertnonnull(fdt_getprop(fdt, off, "new-property", NULL)); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_add_node_by_phandle, 0); + +static int fdt_overlay_add_node_by_path(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + int off; + + off = fdt_path_offset(fdt, "/new-node"); + ut_assert(off >= 0); + + ut_assertnonnull(fdt_getprop(fdt, off, "new-property", NULL)); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_add_node_by_path, 0); + +static int fdt_overlay_add_subnode_property(struct unit_test_state *uts) +{ + void *fdt = uts->priv; + int off; + + off = fdt_path_offset(fdt, "/test-node/sub-test-node"); + ut_assert(off >= 0); + + ut_assertnonnull(fdt_getprop(fdt, off, "sub-test-property", NULL)); + ut_assertnonnull(fdt_getprop(fdt, off, "new-sub-test-property", NULL)); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_add_subnode_property, 0); + +static int fdt_overlay_local_phandle(struct unit_test_state *uts) +{ + uint32_t local_phandle; + void *fdt = uts->priv; + u32 val = 0; + int off; + + off = fdt_path_offset(fdt, "/new-local-node"); + ut_assert(off >= 0); + + local_phandle = fdt_get_phandle(fdt, off); + ut_assert(local_phandle); + + ut_assertok(fdt_getprop_u32_by_index(fdt, "/", "test-several-phandle", + 0, &val)); + ut_asserteq(local_phandle, val); + + ut_assertok(fdt_getprop_u32_by_index(fdt, "/", "test-several-phandle", + 1, &val)); + ut_asserteq(local_phandle, val); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_local_phandle, 0); + +static int fdt_overlay_local_phandles(struct unit_test_state *uts) +{ + uint32_t local_phandle, test_phandle; + void *fdt = uts->priv; + u32 val = 0; + int off; + + off = fdt_path_offset(fdt, "/new-local-node"); + ut_assert(off >= 0); + + local_phandle = fdt_get_phandle(fdt, off); + ut_assert(local_phandle); + + off = fdt_path_offset(fdt, "/test-node"); + ut_assert(off >= 0); + + test_phandle = fdt_get_phandle(fdt, off); + ut_assert(test_phandle); + + ut_assertok(fdt_getprop_u32_by_index(fdt, "/", "test-phandle", 0, + &val)); + ut_asserteq(test_phandle, val); + + ut_assertok(fdt_getprop_u32_by_index(fdt, "/", "test-phandle", 1, + &val)); + ut_asserteq(local_phandle, val); + + return CMD_RET_SUCCESS; +} +OVERLAY_TEST(fdt_overlay_local_phandles, 0); + +int do_ut_overlay(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ + struct unit_test *tests = ll_entry_start(struct unit_test, + overlay_test); + const int n_ents = ll_entry_count(struct unit_test, overlay_test); + struct unit_test_state *uts; + struct unit_test *test; + void *fdt_base = &__dtb_test_fdt_base_begin; + void *fdt_overlay = &__dtb_test_fdt_overlay_begin; + void *fdt_base_copy, *fdt_overlay_copy; + + uts = calloc(1, sizeof(*uts)); + if (!uts) + return -ENOMEM; + + ut_assertok(fdt_check_header(fdt_base)); + ut_assertok(fdt_check_header(fdt_overlay)); + + fdt_base_copy = malloc(FDT_COPY_SIZE); + if (!fdt_base_copy) + return -ENOMEM; + uts->priv = fdt_base_copy; + + fdt_overlay_copy = malloc(FDT_COPY_SIZE); + if (!fdt_overlay_copy) + return -ENOMEM; + + /* + * Resize the FDT to 4k so that we have room to operate on + * + * (and relocate it since the memory might be mapped + * read-only) + */ + ut_assertok(fdt_open_into(fdt_base, fdt_base_copy, FDT_COPY_SIZE)); + + /* + * Resize the overlay to 4k so that we have room to operate on + * + * (and relocate it since the memory might be mapped + * read-only) + */ + ut_assertok(fdt_open_into(fdt_overlay, fdt_overlay_copy, + FDT_COPY_SIZE)); + + /* Apply the overlay */ + ut_assertok(fdt_overlay_apply(fdt_base_copy, fdt_overlay_copy)); + + if (argc == 1) + printf("Running %d environment tests\n", n_ents); + + for (test = tests; test < tests + n_ents; test++) { + if (argc > 1 && strcmp(argv[1], test->name)) + continue; + printf("Test: %s\n", test->name); + + uts->start = mallinfo(); + + test->func(uts); + } + + printf("Failures: %d\n", uts->fail_count); + + free(fdt_overlay_copy); + free(fdt_base_copy); + free(uts); + + return uts->fail_count ? CMD_RET_FAILURE : 0; +} diff --git a/test/overlay/test-fdt-base.dts b/test/overlay/test-fdt-base.dts new file mode 100644 index 0000000..2603adb --- /dev/null +++ b/test/overlay/test-fdt-base.dts @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2016 NextThing Co + * Copyright (c) 2016 Free Electrons + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +/dts-v1/; + +/ { + test: test-node { + test-int-property = <42>; + test-str-property = "foo"; + + subtest: sub-test-node { + sub-test-property; + }; + }; +}; + + diff --git a/test/overlay/test-fdt-overlay.dts b/test/overlay/test-fdt-overlay.dts new file mode 100644 index 0000000..d30ecdf --- /dev/null +++ b/test/overlay/test-fdt-overlay.dts @@ -0,0 +1,96 @@ +/* + * Copyright (c) 2016 NextThing Co + * Copyright (c) 2016 Free Electrons + * + * SPDX-License-Identifier: GPL-2.0+ + */ + +/dts-v1/; +/plugin/; + +/ { + /* Test that we can change an int by another */ + fragment@0 { + target = <&test>; + + __overlay__ { + test-int-property = <43>; + }; + }; + + /* Test that we can replace a string by a longer one */ + fragment@1 { + target = <&test>; + + __overlay__ { + test-str-property = "foobar"; + }; + }; + + /* Test that we add a new property */ + fragment@2 { + target = <&test>; + + __overlay__ { + test-str-property-2 = "foobar2"; + }; + }; + + /* Test that we add a new node (by phandle) */ + fragment@3 { + target = <&test>; + + __overlay__ { + new-node { + new-property; + }; + }; + }; + + /* Test that we add a new node (by path) */ + fragment@4 { + target-path = "/"; + + __overlay__ { + new-node { + new-property; + }; + }; + }; + + fragment@5 { + target-path = "/"; + + __overlay__ { + local: new-local-node { + new-property; + }; + }; + }; + + fragment@6 { + target-path = "/"; + + __overlay__ { + test-phandle = <&test>, <&local>; + }; + }; + + fragment@7 { + target-path = "/"; + + __overlay__ { + test-several-phandle = <&local>, <&local>; + }; + }; + + fragment@8 { + target = <&test>; + + __overlay__ { + sub-test-node { + new-sub-test-property; + }; + }; + }; +}; diff --git a/test/py/conftest.py b/test/py/conftest.py index 449f98b..5b3a923 100644 --- a/test/py/conftest.py +++ b/test/py/conftest.py @@ -179,6 +179,7 @@ def pytest_configure(config): ubconfig.board_type = board_type ubconfig.board_identity = board_identity ubconfig.gdbserver = gdbserver + ubconfig.dtb = build_dir + '/arch/sandbox/dts/test.dtb' env_vars = ( 'board_type', @@ -192,7 +193,7 @@ def pytest_configure(config): for v in env_vars: os.environ['U_BOOT_' + v.upper()] = getattr(ubconfig, v) - if board_type == 'sandbox': + if board_type.startswith('sandbox'): import u_boot_console_sandbox console = u_boot_console_sandbox.ConsoleSandbox(log, ubconfig) else: diff --git a/test/py/multiplexed_log.py b/test/py/multiplexed_log.py index 68917eb..bf926c3 100644 --- a/test/py/multiplexed_log.py +++ b/test/py/multiplexed_log.py @@ -101,6 +101,8 @@ class RunAndLog(object): self.logfile = logfile self.name = name self.chained_file = chained_file + self.output = None + self.exit_status = None def close(self): """Clean up any resources managed by this object.""" @@ -109,6 +111,9 @@ class RunAndLog(object): def run(self, cmd, cwd=None, ignore_errors=False): """Run a command as a sub-process, and log the results. + The output is available at self.output which can be useful if there is + an exception. + Args: cmd: The command to execute. cwd: The directory to run the command in. Can be None to use the @@ -119,7 +124,7 @@ class RunAndLog(object): raised if such problems occur. Returns: - Nothing. + The output as a string. """ msg = '+' + ' '.join(cmd) + '\n' @@ -159,8 +164,13 @@ class RunAndLog(object): self.logfile.write(self, output) if self.chained_file: self.chained_file.write(output) + + # Store the output so it can be accessed if we raise an exception. + self.output = output + self.exit_status = exit_status if exception: raise exception + return output class SectionCtxMgr(object): """A context manager for Python's "with" statement, which allows a certain diff --git a/test/py/tests/test_ofplatdata.py b/test/py/tests/test_ofplatdata.py new file mode 100644 index 0000000..457c405 --- /dev/null +++ b/test/py/tests/test_ofplatdata.py @@ -0,0 +1,42 @@ +# Copyright (c) 2016 Google, Inc +# +# SPDX-License-Identifier: GPL-2.0+ + +import pytest + +OF_PLATDATA_OUTPUT = ''' +of-platdata probe: +bool 1 +byte 05 +bytearray 06 00 00 +int 1 +intarray 2 3 4 0 +longbytearray 09 0a 0b 0c 0d 0e 0f 10 11 +string message +stringarray "multi-word" "message" "" +of-platdata probe: +bool 0 +byte 08 +bytearray 01 23 34 +int 3 +intarray 5 0 0 0 +longbytearray 09 00 00 00 00 00 00 00 00 +string message2 +stringarray "another" "multi-word" "message" +of-platdata probe: +bool 0 +byte 00 +bytearray 00 00 00 +int 0 +intarray 0 0 0 0 +longbytearray 00 00 00 00 00 00 00 00 00 +string <NULL> +stringarray "one" "" "" +''' + +@pytest.mark.buildconfigspec('spl_of_platdata') +def test_ofplatdata(u_boot_console): + """Test that of-platdata can be generated and used in sandbox""" + cons = u_boot_console + output = cons.get_spawn_output().replace('\r', '') + assert OF_PLATDATA_OUTPUT in output diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py new file mode 100644 index 0000000..021892b --- /dev/null +++ b/test/py/tests/test_vboot.py @@ -0,0 +1,194 @@ +# Copyright (c) 2016, Google Inc. +# +# SPDX-License-Identifier: GPL-2.0+ +# +# U-Boot Verified Boot Test + +""" +This tests verified boot in the following ways: + +For image verification: +- Create FIT (unsigned) with mkimage +- Check that verification shows that no keys are verified +- Sign image +- Check that verification shows that a key is now verified + +For configuration verification: +- Corrupt signature and check for failure +- Create FIT (with unsigned configuration) with mkimage +- Check that image verification works +- Sign the FIT and mark the key as 'required' for verification +- Check that image verification works +- Corrupt the signature +- Check that image verification no-longer works + +Tests run with both SHA1 and SHA256 hashing. +""" + +import pytest +import sys +import u_boot_utils as util + +@pytest.mark.boardspec('sandbox') +@pytest.mark.buildconfigspec('fit_signature') +def test_vboot(u_boot_console): + """Test verified boot signing with mkimage and verification with 'bootm'. + + This works using sandbox only as it needs to update the device tree used + by U-Boot to hold public keys from the signing process. + + The SHA1 and SHA256 tests are combined into a single test since the + key-generation process is quite slow and we want to avoid doing it twice. + """ + def dtc(dts): + """Run the device tree compiler to compile a .dts file + + The output file will be the same as the input file but with a .dtb + extension. + + Args: + dts: Device tree file to compile. + """ + dtb = dts.replace('.dts', '.dtb') + util.run_and_log(cons, 'dtc %s %s%s -O dtb ' + '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb)) + + def run_bootm(sha_algo, test_type, expect_string): + """Run a 'bootm' command U-Boot. + + This always starts a fresh U-Boot instance since the device tree may + contain a new public key. + + Args: + test_type: A string identifying the test type. + expect_string: A string which is expected in the output. + sha_algo: Either 'sha1' or 'sha256', to select the algorithm to + use. + """ + cons.restart_uboot() + with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)): + output = cons.run_command_list( + ['sb load hostfs - 100 %stest.fit' % tmpdir, + 'fdt addr 100', + 'bootm 100']) + assert(expect_string in ''.join(output)) + + def make_fit(its): + """Make a new FIT from the .its source file. + + This runs 'mkimage -f' to create a new FIT. + + Args: + its: Filename containing .its source. + """ + util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f', + '%s%s' % (datadir, its), fit]) + + def sign_fit(sha_algo): + """Sign the FIT + + Signs the FIT and writes the signature into it. It also writes the + public key into the dtb. + + Args: + sha_algo: Either 'sha1' or 'sha256', to select the algorithm to + use. + """ + cons.log.action('%s: Sign images' % sha_algo) + util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb, + '-r', fit]) + + def test_with_algo(sha_algo): + """Test verified boot with the given hash algorithm. + + This is the main part of the test code. The same procedure is followed + for both hashing algorithms. + + Args: + sha_algo: Either 'sha1' or 'sha256', to select the algorithm to + use. + """ + # Compile our device tree files for kernel and U-Boot. These are + # regenerated here since mkimage will modify them (by adding a + # public key) below. + dtc('sandbox-kernel.dts') + dtc('sandbox-u-boot.dts') + + # Build the FIT, but don't sign anything yet + cons.log.action('%s: Test FIT with signed images' % sha_algo) + make_fit('sign-images-%s.its' % sha_algo) + run_bootm(sha_algo, 'unsigned images', 'dev-') + + # Sign images with our dev keys + sign_fit(sha_algo) + run_bootm(sha_algo, 'signed images', 'dev+') + + # Create a fresh .dtb without the public keys + dtc('sandbox-u-boot.dts') + + cons.log.action('%s: Test FIT with signed configuration' % sha_algo) + make_fit('sign-configs-%s.its' % sha_algo) + run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo) + + # Sign images with our dev keys + sign_fit(sha_algo) + run_bootm(sha_algo, 'signed config', 'dev+') + + cons.log.action('%s: Check signed config on the host' % sha_algo) + + util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir, + '-k', dtb]) + + # Increment the first byte of the signature, which should cause failure + sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' % + (fit, sig_node)) + byte_list = sig.split() + byte = int(byte_list[0], 16) + byte_list[0] = '%x' % (byte + 1) + sig = ' '.join(byte_list) + util.run_and_log(cons, 'fdtput -t bx %s %s value %s' % + (fit, sig_node, sig)) + + run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash') + + cons.log.action('%s: Check bad config on the host' % sha_algo) + util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit, + '-k', dtb], 1, 'Failed to verify required signature') + + cons = u_boot_console + tmpdir = cons.config.result_dir + '/' + tmp = tmpdir + 'vboot.tmp' + datadir = cons.config.source_dir + '/test/py/tests/vboot/' + fit = '%stest.fit' % tmpdir + mkimage = cons.config.build_dir + '/tools/mkimage' + fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign' + dtc_args = '-I dts -O dtb -i %s' % tmpdir + dtb = '%ssandbox-u-boot.dtb' % tmpdir + sig_node = '/configurations/conf@1/signature@1' + + # Create an RSA key pair + public_exponent = 65537 + util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key ' + '-pkeyopt rsa_keygen_bits:2048 ' + '-pkeyopt rsa_keygen_pubexp:%d ' + '2>/dev/null' % (tmpdir, public_exponent)) + + # Create a certificate containing the public key + util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out ' + '%sdev.crt' % (tmpdir, tmpdir)) + + # Create a number kernel image with zeroes + with open('%stest-kernel.bin' % tmpdir, 'w') as fd: + fd.write(5000 * chr(0)) + + try: + # We need to use our own device tree file. Remember to restore it + # afterwards. + old_dtb = cons.config.dtb + cons.config.dtb = dtb + test_with_algo('sha1') + test_with_algo('sha256') + finally: + # Go back to the original U-Boot with the correct dtb. + cons.config.dtb = old_dtb + cons.restart_uboot() diff --git a/test/vboot/sandbox-kernel.dts b/test/py/tests/vboot/sandbox-kernel.dts index a1e853c..a1e853c 100644 --- a/test/vboot/sandbox-kernel.dts +++ b/test/py/tests/vboot/sandbox-kernel.dts diff --git a/test/vboot/sandbox-u-boot.dts b/test/py/tests/vboot/sandbox-u-boot.dts index 63f8f40..63f8f40 100644 --- a/test/vboot/sandbox-u-boot.dts +++ b/test/py/tests/vboot/sandbox-u-boot.dts diff --git a/test/vboot/sign-configs-sha1.its b/test/py/tests/vboot/sign-configs-sha1.its index db2ed79..db2ed79 100644 --- a/test/vboot/sign-configs-sha1.its +++ b/test/py/tests/vboot/sign-configs-sha1.its diff --git a/test/vboot/sign-configs-sha256.its b/test/py/tests/vboot/sign-configs-sha256.its index 1b3432e..1b3432e 100644 --- a/test/vboot/sign-configs-sha256.its +++ b/test/py/tests/vboot/sign-configs-sha256.its diff --git a/test/vboot/sign-images-sha1.its b/test/py/tests/vboot/sign-images-sha1.its index f69326a..f69326a 100644 --- a/test/vboot/sign-images-sha1.its +++ b/test/py/tests/vboot/sign-images-sha1.its diff --git a/test/vboot/sign-images-sha256.its b/test/py/tests/vboot/sign-images-sha256.its index e6aa9fc..e6aa9fc 100644 --- a/test/vboot/sign-images-sha256.its +++ b/test/py/tests/vboot/sign-images-sha256.its diff --git a/test/py/u_boot_console_base.py b/test/py/u_boot_console_base.py index 815fa64..b1f4742 100644 --- a/test/py/u_boot_console_base.py +++ b/test/py/u_boot_console_base.py @@ -106,7 +106,7 @@ class ConsoleBase(object): # Array slice removes leading/trailing quotes self.prompt = self.config.buildconfig['config_sys_prompt'][1:-1] - self.prompt_escaped = re.escape(self.prompt) + self.prompt_compiled = re.compile('^' + re.escape(self.prompt), re.MULTILINE) self.p = None self.disable_check_count = {pat[PAT_ID]: 0 for pat in bad_pattern_defs} self.eval_bad_patterns() @@ -201,7 +201,7 @@ class ConsoleBase(object): self.bad_pattern_ids[m - 1]) if not wait_for_prompt: return - m = self.p.expect([self.prompt_escaped] + self.bad_patterns) + m = self.p.expect([self.prompt_compiled] + self.bad_patterns) if m != 0: self.at_prompt = False raise Exception('Bad pattern found on console: ' + @@ -216,6 +216,23 @@ class ConsoleBase(object): self.cleanup_spawn() raise + def run_command_list(self, cmds): + """Run a list of commands. + + This is a helper function to call run_command() with default arguments + for each command in a list. + + Args: + cmd: List of commands (each a string). + Returns: + A list of output strings from each command, one element for each + command. + """ + output = [] + for cmd in cmds: + output.append(self.run_command(cmd)) + return output + def ctrlc(self): """Send a CTRL-C character to U-Boot. @@ -329,7 +346,7 @@ class ConsoleBase(object): m = self.p.expect([pattern_u_boot_spl_signon] + self.bad_patterns) if m != 0: - raise Exception('Bad pattern found on console: ' + + raise Exception('Bad pattern found on SPL console: ' + self.bad_pattern_ids[m - 1]) m = self.p.expect([pattern_u_boot_main_signon] + self.bad_patterns) if m != 0: @@ -337,7 +354,7 @@ class ConsoleBase(object): self.bad_pattern_ids[m - 1]) self.u_boot_version_string = self.p.after while True: - m = self.p.expect([self.prompt_escaped, + m = self.p.expect([self.prompt_compiled, pattern_stop_autoboot_prompt] + self.bad_patterns) if m == 0: break @@ -377,6 +394,21 @@ class ConsoleBase(object): pass self.p = None + def restart_uboot(self): + """Shut down and restart U-Boot.""" + self.cleanup_spawn() + self.ensure_spawned() + + def get_spawn_output(self): + """Return the start-up output from U-Boot + + Returns: + The output produced by ensure_spawed(), as a string. + """ + if self.p: + return self.p.get_expect_output() + return None + def validate_version_string_in_text(self, text): """Assert that a command's output includes the U-Boot signon message. diff --git a/test/py/u_boot_console_sandbox.py b/test/py/u_boot_console_sandbox.py index 04654ae..647e1f8 100644 --- a/test/py/u_boot_console_sandbox.py +++ b/test/py/u_boot_console_sandbox.py @@ -39,14 +39,18 @@ class ConsoleSandbox(ConsoleBase): A u_boot_spawn.Spawn object that is attached to U-Boot. """ + bcfg = self.config.buildconfig + config_spl = bcfg.get('config_spl', 'n') == 'y' + fname = '/spl/u-boot-spl' if config_spl else '/u-boot' + print fname cmd = [] if self.config.gdbserver: cmd += ['gdbserver', self.config.gdbserver] cmd += [ - self.config.build_dir + '/u-boot', + self.config.build_dir + fname, '-v', '-d', - self.config.build_dir + '/arch/sandbox/dts/test.dtb' + self.config.dtb ] return Spawn(cmd, cwd=self.config.source_dir) diff --git a/test/py/u_boot_spawn.py b/test/py/u_boot_spawn.py index a5f4a8e..3a0fbfa 100644 --- a/test/py/u_boot_spawn.py +++ b/test/py/u_boot_spawn.py @@ -18,6 +18,9 @@ class Timeout(Exception): class Spawn(object): """Represents the stdio of a freshly created sub-process. Commands may be sent to the process, and responses waited for. + + Members: + output: accumulated output from expect() """ def __init__(self, args, cwd=None): @@ -34,10 +37,16 @@ class Spawn(object): self.waited = False self.buf = '' + self.output = '' self.logfile_read = None self.before = '' self.after = '' self.timeout = None + # http://stackoverflow.com/questions/7857352/python-regex-to-match-vt100-escape-sequences + # Note that re.I doesn't seem to work with this regex (or perhaps the + # version of Python in Ubuntu 14.04), hence the inclusion of a-z inside + # [] instead. + self.re_vt100 = re.compile('(\x1b\[|\x9b)[^@-_a-z]*[@-_a-z]|\x1b[@-_a-z]') (self.pid, self.fd) = pty.fork() if self.pid == 0: @@ -149,6 +158,7 @@ class Spawn(object): posafter = earliest_m.end() self.before = self.buf[:pos] self.after = self.buf[pos:posafter] + self.output += self.buf[:posafter] self.buf = self.buf[posafter:] return earliest_pi tnow_s = time.time() @@ -168,6 +178,10 @@ class Spawn(object): if self.logfile_read: self.logfile_read.write(c) self.buf += c + # count=0 is supposed to be the default, which indicates + # unlimited substitutions, but in practice the version of + # Python in Ubuntu 14.04 appears to default to count=2! + self.buf = self.re_vt100.sub('', self.buf, count=1000000) finally: if self.logfile_read: self.logfile_read.flush() @@ -189,3 +203,11 @@ class Spawn(object): if not self.isalive(): break time.sleep(0.1) + + def get_expect_output(self): + """Return the output read by expect() + + Returns: + The output processed by expect(), as a string. + """ + return self.output diff --git a/test/py/u_boot_utils.py b/test/py/u_boot_utils.py index 6a6b2ec..2ba4bae 100644 --- a/test/py/u_boot_utils.py +++ b/test/py/u_boot_utils.py @@ -158,19 +158,47 @@ def run_and_log(u_boot_console, cmd, ignore_errors=False): Args: u_boot_console: A console connection to U-Boot. - cmd: The command to run, as an array of argv[]. + cmd: The command to run, as an array of argv[], or a string. + If a string, note that it is split up so that quoted spaces + will not be preserved. E.g. "fred and" becomes ['"fred', 'and"'] ignore_errors: Indicate whether to ignore errors. If True, the function will simply return if the command cannot be executed or exits with an error code, otherwise an exception will be raised if such problems occur. Returns: - Nothing. + The output as a string. """ - + if isinstance(cmd, str): + cmd = cmd.split() runner = u_boot_console.log.get_runner(cmd[0], sys.stdout) - runner.run(cmd, ignore_errors=ignore_errors) + output = runner.run(cmd, ignore_errors=ignore_errors) runner.close() + return output + +def run_and_log_expect_exception(u_boot_console, cmd, retcode, msg): + """Run a command that is expected to fail. + + This runs a command and checks that it fails with the expected return code + and exception method. If not, an exception is raised. + + Args: + u_boot_console: A console connection to U-Boot. + cmd: The command to run, as an array of argv[]. + retcode: Expected non-zero return code from the command. + msg: String that should be contained within the command's output. + """ + try: + runner = u_boot_console.log.get_runner(cmd[0], sys.stdout) + runner.run(cmd) + except Exception as e: + assert(retcode == runner.exit_status) + assert(msg in runner.output) + else: + raise Exception("Expected an exception with retcode %d message '%s'," + "but it was not raised" % (retcode, msg)) + finally: + runner.close() ram_base = None def find_ram_base(u_boot_console): @@ -201,7 +229,7 @@ def find_ram_base(u_boot_console): with u_boot_console.log.section('find_ram_base'): response = u_boot_console.run_command('bdinfo') for l in response.split('\n'): - if '-> start' in l: + if '-> start' in l or 'memstart =' in l: ram_base = int(l.split('=')[1].strip(), 16) break if ram_base is None: diff --git a/test/run b/test/run new file mode 100755 index 0000000..a6dcf8f --- /dev/null +++ b/test/run @@ -0,0 +1,4 @@ +#!/bin/sh + +# Run all tests +./test/py/test.py --bd sandbox --build diff --git a/test/vboot/.gitignore b/test/vboot/.gitignore deleted file mode 100644 index 4631242..0000000 --- a/test/vboot/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/*.dtb -/test.fit -/dev-keys diff --git a/test/vboot/vboot_test.sh b/test/vboot/vboot_test.sh deleted file mode 100755 index 6d7abb8..0000000 --- a/test/vboot/vboot_test.sh +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2013, Google Inc. -# -# Simple Verified Boot Test Script -# -# SPDX-License-Identifier: GPL-2.0+ - -set -e - -# Run U-Boot and report the result -# Args: -# $1: Test message -run_uboot() { - echo -n "Test Verified Boot Run: $1: " - ${uboot} -d sandbox-u-boot.dtb >${tmp} -c ' -sb load hostfs - 100 test.fit; -fdt addr 100; -bootm 100; -reset' - if ! grep -q "$2" ${tmp}; then - echo - echo "Verified boot key check failed, output follows:" - cat ${tmp} - false - else - echo "OK" - fi -} - -echo "Simple Verified Boot Test" -echo "=========================" -echo -echo "Please see doc/uImage.FIT/verified-boot.txt for more information" -echo - -err=0 -tmp=/tmp/vboot_test.$$ - -dir=$(dirname $0) - -if [ -z ${O} ]; then - O=. -fi -O=$(readlink -f ${O}) - -dtc="-I dts -O dtb -p 2000" -uboot="${O}/u-boot" -mkimage="${O}/tools/mkimage" -fit_check_sign="${O}/tools/fit_check_sign" -keys="${dir}/dev-keys" -echo ${mkimage} -D "${dtc}" - -echo "Build keys" -mkdir -p ${keys} - -PUBLIC_EXPONENT=${1} - -if [ -z "${PUBLIC_EXPONENT}" ]; then - PUBLIC_EXPONENT=65537 -fi - -# Create an RSA key pair -openssl genpkey -algorithm RSA -out ${keys}/dev.key \ - -pkeyopt rsa_keygen_bits:2048 \ - -pkeyopt rsa_keygen_pubexp:${PUBLIC_EXPONENT} 2>/dev/null - -# Create a certificate containing the public key -openssl req -batch -new -x509 -key ${keys}/dev.key -out ${keys}/dev.crt - -pushd ${dir} >/dev/null - -function do_test { - echo do $sha test - # Compile our device tree files for kernel and U-Boot - dtc -p 0x1000 sandbox-kernel.dts -O dtb -o sandbox-kernel.dtb - dtc -p 0x1000 sandbox-u-boot.dts -O dtb -o sandbox-u-boot.dtb - - # Create a number kernel image with zeroes - head -c 5000 /dev/zero >test-kernel.bin - - # Build the FIT, but don't sign anything yet - echo Build FIT with signed images - ${mkimage} -D "${dtc}" -f sign-images-$sha.its test.fit >${tmp} - - run_uboot "unsigned signatures:" "dev-" - - # Sign images with our dev keys - echo Sign images - ${mkimage} -D "${dtc}" -F -k dev-keys -K sandbox-u-boot.dtb \ - -r test.fit >${tmp} - - run_uboot "signed images" "dev+" - - - # Create a fresh .dtb without the public keys - dtc -p 0x1000 sandbox-u-boot.dts -O dtb -o sandbox-u-boot.dtb - - echo Build FIT with signed configuration - ${mkimage} -D "${dtc}" -f sign-configs-$sha.its test.fit >${tmp} - - run_uboot "unsigned config" $sha"+ OK" - - # Sign images with our dev keys - echo Sign images - ${mkimage} -D "${dtc}" -F -k dev-keys -K sandbox-u-boot.dtb \ - -r test.fit >${tmp} - - run_uboot "signed config" "dev+" - - echo check signed config on the host - if ! ${fit_check_sign} -f test.fit -k sandbox-u-boot.dtb >${tmp}; then - echo - echo "Verified boot key check on host failed, output follows:" - cat ${tmp} - false - else - if ! grep -q "dev+" ${tmp}; then - echo - echo "Verified boot key check failed, output follows:" - cat ${tmp} - false - else - echo "OK" - fi - fi - - run_uboot "signed config" "dev+" - - # Increment the first byte of the signature, which should cause failure - sig=$(fdtget -t bx test.fit /configurations/conf@1/signature@1 value) - newbyte=$(printf %x $((0x${sig:0:2} + 1))) - sig="${newbyte} ${sig:2}" - fdtput -t bx test.fit /configurations/conf@1/signature@1 value ${sig} - - run_uboot "signed config with bad hash" "Bad Data Hash" -} - -sha=sha1 -do_test -sha=sha256 -do_test - -popd >/dev/null - -echo -if ${ok}; then - echo "Test passed" -else - echo "Test failed" -fi |