From patchwork Thu Aug 10 14:23:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712348 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp675380rwb; Thu, 10 Aug 2023 07:24:36 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGP1E7Eyk4S/quAq/u+46pOIbQ62F8rMan1ausnCIsLjNGWatzapflE06YPMnxRezF81yEv X-Received: by 2002:adf:e850:0:b0:317:eee2:6fba with SMTP id d16-20020adfe850000000b00317eee26fbamr2121502wrn.40.1691677476398; Thu, 10 Aug 2023 07:24:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677476; cv=none; d=google.com; s=arc-20160816; b=n/Aruld5vYHC87JiawUFKkbE0YbYgq5pEISvUTA/jPMLnk/TjT2W+GnvoL0hoMP9Jp PlMXybwJoUiLsVZv7OBnKt51c/i2q1ydPC49Fv39paesL/NvK7OmbiSyjnsk2oLKsGmA X/DNap49sJc7rvcBvOoOSpXKyqpDCwuKF+/hyJd8fmyHV9gAHQYwAaAZ8UA4NKwf85Qq 16sHqM0odhzS3GRuwcW/7c+doakrCaBOKVyOnRvXrZf5lJKVdvr+rdYi1IOobbE34Sk2 CU7qujzZqsxGAZrLXWlpYqMFvm3ONrgL86K14MTZ4ALysyAC3MFndBZcymuYZrrJTyhg BmlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=B2LIikxZfKnRv7LcBL+azK79ksUovXoZl9ayv4DDpgY=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=MMVpKXJMtcClt3FjjyQgAVGkCGkJcfQFniuCQ4ujc7zOjZflLb/f5Qp5hLFJY4U47X 16fvgvjocXUzGjVvLGVq715lZrUH4NUut3FRF/CgsbXcjxPzCn0BmicTwnNNWqkT3COO 2ozElsuh6RlpFInbrjMPuwoY6QCQxtrdzKCZECsfnf5p39PTAmpfiHzqjP//U2YT9SFC tBsP7SZq8x5L0OCembKEredPyC9v1B7SZXThZMDcPiZ27URH7kJ8DXita/4cyKdigmkU HcUsZt7QQr9zwKZf9oLoMkbXrzV2dW78peLVbwWt6bXaSEbzMWHcIA5PZEUgFz34mQeo i1XA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id v7-20020adff687000000b0031809d9b282si865408wrp.638.2023.08.10.07.24.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:24:36 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4452A86894; Thu, 10 Aug 2023 16:24:25 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 39F6D86851; Thu, 10 Aug 2023 16:24:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 46BBA8681D for ; Thu, 10 Aug 2023 16:24:18 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D371A113E; Thu, 10 Aug 2023 07:24:59 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id ADB343F64C; Thu, 10 Aug 2023 07:24:14 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 1/9] binman: bintool: Build a tool from a list of commands Date: Thu, 10 Aug 2023 19:53:30 +0530 Message-Id: <20230810142338.3402963-2-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add support to build a tool from source with a list of commands. This is useful when a tool can be built with multiple commands instead of a single command. Signed-off-by: Sughosh Ganu Reviewed-by: Simon Glass --- Changes since V7: None tools/binman/bintool.py | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/tools/binman/bintool.py b/tools/binman/bintool.py index 0b0f56dbbb..3c4ad1adbb 100644 --- a/tools/binman/bintool.py +++ b/tools/binman/bintool.py @@ -328,7 +328,7 @@ class Bintool: return result.stdout @classmethod - def build_from_git(cls, git_repo, make_target, bintool_path, flags=None): + def build_from_git(cls, git_repo, make_targets, bintool_path, flags=None): """Build a bintool from a git repo This clones the repo in a temporary directory, builds it with 'make', @@ -336,7 +336,8 @@ class Bintool: Args: git_repo (str): URL of git repo - make_target (str): Target to pass to 'make' to build the tool + make_targets (list of str): List of targets to pass to 'make' to build + the tool bintool_path (str): Relative path of the tool in the repo, after build is complete flags (list of str): Flags or variables to pass to make, or None @@ -350,12 +351,14 @@ class Bintool: tmpdir = tempfile.mkdtemp(prefix='binmanf.') print(f"- clone git repo '{git_repo}' to '{tmpdir}'") tools.run('git', 'clone', '--depth', '1', git_repo, tmpdir) - print(f"- build target '{make_target}'") - cmd = ['make', '-C', tmpdir, '-j', f'{multiprocessing.cpu_count()}', - make_target] - if flags: - cmd += flags - tools.run(*cmd) + for target in make_targets: + print(f"- build target '{target}'") + cmd = ['make', '-C', tmpdir, '-j', f'{multiprocessing.cpu_count()}', + target] + if flags: + cmd += flags + tools.run(*cmd) + fname = os.path.join(tmpdir, bintool_path) if not os.path.exists(fname): print(f"- File '{fname}' was not produced") From patchwork Thu Aug 10 14:23:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712347 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp675301rwb; Thu, 10 Aug 2023 07:24:27 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFChI4fD6ZIfAdREGuu6qtsOPJ2SNObIT4HxcQ8426v4louhlMQwezmuSDTceFNj+kgaJOr X-Received: by 2002:a05:600c:204e:b0:3fb:e643:1225 with SMTP id p14-20020a05600c204e00b003fbe6431225mr2050346wmg.13.1691677466784; Thu, 10 Aug 2023 07:24:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677466; cv=none; d=google.com; s=arc-20160816; b=i1o6MFo7bKN0/u19fsAaSGSxHBlTiS/yXprhCu8jfwuMbkvCIlspby0W8wthJjeD3G dpAI7QRz0pan2CO+RdmG0ocPRWTn7fRQEPn7vDiV0tCwT9BDIlc9IddfSxXArhIcdrpk OC1p9uPd5bgKNuIEoJM9w18nvd8ANdGLDMmrTcTbCoriNNOprdYfcJem6MgFL0skP4lc RIqqW+0Q1DFOPta9NhqRD5/FSejfSYKMKxsWNDnaFib7QnQ6bNOfayRQYzVsqrgdJx02 XMKzJm6FWFbzC4LEmKxLVfXlb9ZkhAvs43nBCD748oUpVHQKiAYNK2M+85xVYXrweL4B uUxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=LJzymiv2oy+MRmI0B+Uw2lTT+eTa8rvvh6TB3SOQdjM=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=AXByyythFYvFZPSmrXIZgLI29Q7WarLO0dFWpii6lWQ7VOeloHvvdA2hgG2DbgcfJV GbUG6b0zJEfY+dJLr8WypLS1+ThKDTRVF7U1JyRa05+RJZXOYbZixtP6noGUzx7gBeqC 5/2fKnCmi21sGp6lA3/Ge43l7G0UO0lhhicz63KGcpT/XBCWvoVls0oMF+aeIlxfxOYA R2Z8hcl8JYZMpI10L3wrZbd76l/0njX2Heg8fpbFKb0fRWrVTD1KwRW1pMBQGnAzZoms Lf5p0Sl8ou1zEKb1Tr8KU077fX4RkyjXSBFqC7fJyWRFat5xkO9kQvq4InExERfjCdtj 6/sA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id n5-20020a05600c294500b003fe26770ebasi2292402wmd.162.2023.08.10.07.24.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:24:26 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 056798688C; Thu, 10 Aug 2023 16:24:25 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 32CC886884; Thu, 10 Aug 2023 16:24:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 4CCB186851 for ; Thu, 10 Aug 2023 16:24:21 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1EE75139F; Thu, 10 Aug 2023 07:25:03 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id ED41E3F64C; Thu, 10 Aug 2023 07:24:17 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 2/9] nuvoton: npcm845-evb: Add a newline at the end of file Date: Thu, 10 Aug 2023 19:53:31 +0530 Message-Id: <20230810142338.3402963-3-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add a newline at the end of the dts, without which the build fails when including a dtsi file. Signed-off-by: Sughosh Ganu Reviewed-by: Simon Glass Reviewed-by: Ilias Apalodimas --- Changes since V7: * Rephrase the commit message arch/arm/dts/nuvoton-npcm845-evb.dts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/dts/nuvoton-npcm845-evb.dts b/arch/arm/dts/nuvoton-npcm845-evb.dts index 3cab7807e3..a93666cb41 100644 --- a/arch/arm/dts/nuvoton-npcm845-evb.dts +++ b/arch/arm/dts/nuvoton-npcm845-evb.dts @@ -354,4 +354,4 @@ &r1en_pins &r1oen_pins >; -}; \ No newline at end of file +}; From patchwork Thu Aug 10 14:23:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712350 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp675594rwb; Thu, 10 Aug 2023 07:24:59 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEtYNFdNLVKLf1bxI/jGuflV3unidGhiusoXIq1QF3n/KwcJM775UIBKmMMUX790ImA8toG X-Received: by 2002:adf:f98f:0:b0:314:1228:c4c1 with SMTP id f15-20020adff98f000000b003141228c4c1mr2130446wrr.23.1691677499123; Thu, 10 Aug 2023 07:24:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677499; cv=none; d=google.com; s=arc-20160816; b=BLdJhzharSPwlwY9hfgeyt535okBMmeUSu/v2Vc91/C50MO50OGyvaAZIUqtYkq14O iw9aiAVfulLTpoRu591Bp6tBrn4CXqsI3G7BT/yQ1RYVdXeOG2gSJ45uzdmvGYxbSMLP uXU1JH4yj75PPqxSw/Izldhpl3yGK09dlNreUnR6M7Ou/Gh5/5PwjpS7GjyfAO3m6I49 s9K3ckwbwkmj9n9amzsi4mP2UqvKBFX81W4HRjXw8ZHUmzdbJ+Wp1X1ZtuovzCQFsFYH fYDzEpMr9WLvhny5524X09AO5c0yMVCELF+iwafoDaixzsTWGlas4wwADvkbFzWOg1Wd TPfg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=9jp+q1TMVuwCdUsSgMewfOY1Ds7plmOA2qy01Wb9cz4=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=vhSLW7VHliJ7+A9kvQT3mnXZE+janlXaFZBCw4ymc+K5hCx0FtyBGBnMB7mztsXPoM sFy+OoGz1WhtozotsCoXBbXDMenc51THWf5qr3xrHhSB3GC7j4jhtS0XLxhPFU2JDiqI PQSSJ4IpGOeMIX03xMvRIC+hpW1bh7UVRSb7xeTNLKJccs/1Na3PROeFb3BMqq9cMxP4 2rUPA1ivU8Wpb5yBB/Aylb71A1+uzCgKJwxs9Rdp5IEfMKJmNddOEYDW/NWXIU5t9/hh xhDrxPQDUzJLYJiYOfrOtKkxP3yOb4kmmtjPKI+DT9FDysXNgyzheuWOPHy12jyGd1rb f0lA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id w8-20020adff9c8000000b0031412b685d5si832131wrr.413.2023.08.10.07.24.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:24:59 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id C4949868BF; Thu, 10 Aug 2023 16:24:28 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id AD92D868AE; Thu, 10 Aug 2023 16:24:26 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 74F9186878 for ; Thu, 10 Aug 2023 16:24:24 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 5E909D75; Thu, 10 Aug 2023 07:25:06 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 38A783F64C; Thu, 10 Aug 2023 07:24:20 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 3/9] sandbox: capsule: Add keys and certificates needed for capsule update testing Date: Thu, 10 Aug 2023 19:53:32 +0530 Message-Id: <20230810142338.3402963-4-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add the private keys and public key certificates which are to be used for capsule authentication while testing the EFI capsule update functionality. There are two pairs of private and public keys, good and bad. The good key pair will be used for signing capsules, whilst the bad key pair is to be used as malicious keys for testing authentication failure cases. The capsule_pub_key_good.crt is also converted to an EFI Signature List(ESL) file, SIGNER.esl, which is embedded in the platform's device-tree for capsule authentication. Signed-off-by: Sughosh Ganu --- Changes since V7: * Change the file names to highlight good and bad keys as suggested by Simon Glass. board/sandbox/capsule_priv_key_bad.key | 28 ++++++++++++++++++++++++ board/sandbox/capsule_priv_key_good.key | 28 ++++++++++++++++++++++++ board/sandbox/capsule_pub_esl_good.esl | Bin 0 -> 831 bytes board/sandbox/capsule_pub_key_bad.crt | 19 ++++++++++++++++ board/sandbox/capsule_pub_key_good.crt | 19 ++++++++++++++++ 5 files changed, 94 insertions(+) create mode 100644 board/sandbox/capsule_priv_key_bad.key create mode 100644 board/sandbox/capsule_priv_key_good.key create mode 100644 board/sandbox/capsule_pub_esl_good.esl create mode 100644 board/sandbox/capsule_pub_key_bad.crt create mode 100644 board/sandbox/capsule_pub_key_good.crt diff --git a/board/sandbox/capsule_priv_key_bad.key b/board/sandbox/capsule_priv_key_bad.key new file mode 100644 index 0000000000..2324f69ebd --- /dev/null +++ b/board/sandbox/capsule_priv_key_bad.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCmPw1pGd2xNW0p +lesRXkkek3uwUB06Nt61tnZvpMkBKt4IokqGWz1tZls+Z2CqvwOfcsPZ27cPRYSu +xRnM3YdL4MG6SePV7i/YSNw3rq8CP8zLGtCbNIfsfsNfPQEtPBpw6+7pMJKhjqpV +2U2UQzZEiX4qlnhLpyv2JNJag27yf0feLdJi7HnJ9xdvcXpA1DSGm4y+DDhgYeI8 +DEteEu6s0TYQfnOZSQOeJi+1/Qz0S594uFJB37MyGh/mB15ILb8gva4nA3ayHOBK +0dd+HSiUCGYrLYO7aj+nfzQj9N1qTlzCnC1603bMczU5pkwcODg6xP0Sn11J6RYy +y0c0qzJLAgMBAAECggEABDY2MLoew3IkBltrParAWAUUcFLi95jw92q6BkOHEJg8 +2qia1yCitPUtPodMLmOKF5x4EdgXg5sv2O8MGbWP1VtUKXGh3QJcnRnNmsZ1hXJC +RBcrei2aVLsqf0V2Mg3+GuG8PW3vLWHyZ/Sd6afeuXEYm2Bzrw9J5rfd3dBVKm7f +HBvIyy1ATO/2cbUaEaCLOyhxLhssTI2TIK5SjlsjFLxiQXEi6RyGfBxUCriKZykS +krMdvYh7Tf0uYcv0STmQ5s5Rd+RhRIGCVAdsNBxxJjgBAgqqa/B+kWbcc6o2D41n +yWjErUaBBx3t0A7oT4K4DSTYwMNDVY3fhdd+szsocQKBgQDjnm8LG4UO6OQDm6iX +0vTQTItoAz5TU6GEjHTCfVEqiupD4LKfHhSXwp2hRyzxXO5oNTU9MQCzYd7Npes0 +oVk4Tjo3YDacNPgxqKjODu/Q+tkTH15ydzGr674+YXHfCA1uT5GKOiiF0H1FZgMa +Dk0s+3uWX34vbL4QCu97bUhBewKBgQC6+Z0J9sClgWvvjkglJN3XhRnAacp+WgX7 +bkpgSboXIIsqeqhd1WCLeV7L1pcZgifYBMPojf5LTBqBedL1q3RuqiqQWD/bSIYN +Oc9KCdTjksS8Zo+w+s5zDObDhW9y13H2mKwDqilYBrT4fiA62wPMf1SjEF+RSC6K +ZrQzHO1xcQKBgAILsXnLFIYOx8XUh05eAf9BQNt9c/jxvnjffkklMS6Nsw9LHK/b +aFn40MvbROcia64aFFFpeFUkYwk8HYIKlS+xXEqVHciHnVds6Z94eOVK69qFJKco +tRSTeNE8tPZJLz23j1pLrYOOXSHbidmZGU53MCQo1Yx9kLO6NW7Ji6WzAoGBALP4 +lEoE80Xbn3NEdvkZ1VcfzLvCmKCqMlvjuz+Xd8HPF2VaDznSq01VFAQMmAB7obJy +U8hC9OSxakn6Yy8JS9dBgBrUdxKxaibM4FQZxosOuMPHzMPDhniDkJPemnnmGtIL +/nbAkW8jdYpCjO9Z5PwwC92xYuvKmNGrLgSM8ZhhAoGAfgSZTpASXubM18E3ecfw +5z333wf9qEQgZj7i9MzByFZudyHUhv/FPW1ocUJf36Wu1dfofZg3noSL6oakrm2v +dFDo4PoyCStuF0w9SSzpIld01ZG0t7XqphY0DmshCXIXsqr7Vb4WrbBI7KX+b3Um +BzmROfaSud97NjQ/RA26OZk= +-----END PRIVATE KEY----- diff --git a/board/sandbox/capsule_priv_key_good.key b/board/sandbox/capsule_priv_key_good.key new file mode 100644 index 0000000000..9a37f59796 --- /dev/null +++ b/board/sandbox/capsule_priv_key_good.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCwBfaV0P1jRzS6 +13U1T+4VbuMVsxFXhwHJY5z5Fx6v+cWBf3K1ruK+7cEnW55ZHXvNE2JCkjMvISKm +hI/DLJWIPnAus8tFdU/R2u5oJbKI+b6GbuamO/CG9HsXZ58lOC6r2ckjixxovsA9 +SFshccdIv2YrwiVsWeyFpH+rB3/+cFbrgdWpaUc1367GkU/ZCnSRDBvVvzRRI1a4 +y2NogFqbZHXHENpzWNJ3TTXhf9dwM5HFGkmX7SA43Dtazae6CB4EaUKzLYWj3+ae +AQbdvBrupKZQz1PUKn7X6+BGaLujHthvibYppNegPvqbJ1xBbv59CQK+lRULwC05 +NYw5+sIxAgMBAAECggEAHn8h/knjpMAw/BAZP//VrYP1Nwy7u/Dpl9U43JUrXWzG +Uc3dd2nR4id6GBIRCLqJePnbQ9JlqMwyXyxHZhbC34SF1imTVbjh9+dY99VULdQr +NMphDrsCzLbt3pu24HFv8Jk+dniDFwi5cMSo+U3nq4xxrLIp3rBjwLHD5sNZYyEU +9xZnj7ziTn5X8da8iRxNpyzz2kQeVemJ0ahr/IkX718bkakSFMesGkln06vH7rAs +069SeqOPrFEbWYXI5iMktLugl3JZpzasRE48j0M42PuProgvT7jb8B35ZF7kn0jT +MqTIHglsJRWcSY0fAb2lHSAvd2vLLVunxr9PDWZvGQKBgQDVzVTuvo1CrVrQLy+B +tpy2k5mjR3qxAOcoWTnKcMErLe8imWWaxukODenP4XqQIX4Sl+X3BXxOqun0Klap +FEsI7TWSHf0eULFtFj0SCgqfRR+V/nblP05eO2nFXgr5YdNa1bWf/aMHplBo4q9e +bbAr4InUB7IGWL2cWjhOhWuJbQKBgQDSw81cBM+vGPUYH/wlxlTVgZCo2Dg2NHjt +LUBqvOZNr21j2F+w8t1vKmqwhkqpc5HIi3pHjEA5gZLTRtmf4GQyo973I6MGn4bS +eayOd6/+FkAi9DUD+WaF7yctJqeevav6KF2UCiz78OtCAU5Y9jFFJpuOANIztI7m +t7ZCUpMFVQKBgFnAsP7oj3SGQbFTnaXeeztKCx04TJExx9hwXIpXe0AdMF5d9wFa +r0tvG9Bg34rSBJLZoXhpnR2JMl2FyIuCMV219t84J6IqTdF1nH2OKZdi9TeKc28Z +fFSirGxmZkT6hDeFr5FScLYtY2QkhWomseY5hKK1+E4hwrd4SFruN46hAoGBAJgh +nzTBgEtqH1enlrCJhSiLmihV0dVGcNb559pjuXTvoG0GfKPT2gPowRPkCzZe5ia0 +jrHgSWd44MtCA8nEBW8MG9+VyJH6Si3Yh7ZaLB2iX+8bCL1yow8f/c44bZtGW0F5 +K3q1EZ1VW+rL2IqcQhog8P1CGHgb514f0x3yTo71AoGACGdb+Nb6lg8OSJPUcuuH +xsWk6RhkJl9bldTleS+QT3R9zO3FvbTwnCCYJboh5Cq/jVmiA7T+fcVAyEJNHSdm +hxbHdScuiJdNWL9+FczOkylnKH3VEdG3RS5lGdyi6r+miTMs3h8WfzGp4JINysjg +PUFskK36qGjASfkRUn0hizQ= +-----END PRIVATE KEY----- diff --git a/board/sandbox/capsule_pub_esl_good.esl b/board/sandbox/capsule_pub_esl_good.esl new file mode 100644 index 0000000000000000000000000000000000000000..f8cc272309b2f80113c29e22bc9fdd5c767b4667 GIT binary patch literal 831 zcmZ1&d0^?2Da*aux2_hA(f&|m&&&V@%1|1@gOCPI%=`vTjNcb9GchtTi3D3+YdNud z!N;6d=3f<&F-6ONS4$i4vT_x7NA^t?#f z>a)U0PLquF6_u8?^dHul+F@6qxB0YdssF`W?=n<3b^P4dmiKI#^@p}E)#B;%RW0;Z z-#n?@Et9eDfUQTgV&QR*{b|~VRC6NVv@WS%&0hbnAnbMH)s>mjlOWk4kw?f2&||$2#il@?9KqESXN5 zbz2wTe>RVi?d~3_cT1K9oDaUDRd@aM1GkLbi{)Ma(#i_ui5G`j(PuTIhpoN z73DslYiZhJ`RkA&6EhzH z-bULy5-~dZsg>zZPS-w(zNM;c<#N4ar|5@t2FY2AoF7{4IWYI(=HR-Vl;VtSQGM$z zG&LhNEwesN5|ez&@#LeqJ9NJDsL xX})Fc$L0Fj-&QP|CD!3Bu=aCF X-Patchwork-Id: 712351 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp675735rwb; Thu, 10 Aug 2023 07:25:11 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGdhdTqQch5Dnv1KmxblJwj2EtBTS1H2wlZCX3DjQQeCeBB/Hs3CJ4kZ/Wz6Tqzh/7xyUUw X-Received: by 2002:a5d:684f:0:b0:314:4925:1704 with SMTP id o15-20020a5d684f000000b0031449251704mr2103543wrw.6.1691677511471; Thu, 10 Aug 2023 07:25:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677511; cv=none; d=google.com; s=arc-20160816; b=MbFRP3mGGMR8hR/TjGLJZJKk740PLYTb/9e2brCQVV40dOrqk1WGD7AVgAtL2+4qRR D3021oZoJ7XzSAIdZDXx5XBWGUBrRC6TUwKIdnSud6bh5V7VKbD1duGDJer7dUzs0Jyg PXOKm45PIkq6NgeZxDIpOaYiQeWjbB6eGcSRyC2jCK+ualTPamqu/U735xbCiYQUXmq2 UFpmHYZAstUHMzs9c11U2SNXSSpiXD4kui7kkGIIw5b14N9x+a18ash3J2LU5Mgqvvt1 PM9wzDA1t0t+EHUfcx+CI9ECCs6ztC8ck4/WFX7dEnCQLVsxyDysgsrbG/wXJm94biyw wgtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=k3bloNNk9pq0yc2dxHRR3W99DMOhNojQdN5D0xa4WgE=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=pqAi+gOYyYWBrNol3oDQ+cbNQYLNsllqsfREKjDNTI7h9u1W1+nx/kRHWfoLbkb9/A OhLW0jKe6qjJjzU0xnNBQ8IDhFRYHmw65CsAuzChTMuv2oeQlkLpKn90PNfEJGOQjFkG E8iFYCaCUeTZ0uUAO6kGTl55ZYiyW4/IBuhEZnSRlRleysjh4uW/XBwkYTwA2iXcM9Ih fMGKsR4WaBu38QQ6zzu06QbHalbQyT7galstsjXxSXrJ5RMt86EBMOIzMx3wL+TpBBuk K3yXJIrkB7nLMTagAomAXc1fYLLfHApAq+nlLehi0BcNE6VSydLC/j2hi7qrtKmAw4uv QZgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id v9-20020adfe4c9000000b0031759c70ba2si867389wrm.853.2023.08.10.07.25.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:25:11 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 0D50C868AE; Thu, 10 Aug 2023 16:24:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 38461868BC; Thu, 10 Aug 2023 16:24:32 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id D279C868AE for ; Thu, 10 Aug 2023 16:24:27 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9E054D75; Thu, 10 Aug 2023 07:25:09 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 783603F64C; Thu, 10 Aug 2023 07:24:24 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 4/9] sandbox: Build the mkeficapsule tool for the sandbox variants Date: Thu, 10 Aug 2023 19:53:33 +0530 Message-Id: <20230810142338.3402963-5-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Build the mkeficapsule tool for all the sandbox variants. This tool will be used subsequently for testing capsule generation in binman. Signed-off-by: Sughosh Ganu --- Changes since V7: None tools/Kconfig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/Kconfig b/tools/Kconfig index 6e23f44d55..353a855243 100644 --- a/tools/Kconfig +++ b/tools/Kconfig @@ -91,10 +91,10 @@ config TOOLS_SHA512 Enable SHA512 support in the tools builds config TOOLS_MKEFICAPSULE - bool "Build efimkcapsule command" - default y if EFI_CAPSULE_ON_DISK + bool "Build mkeficapsule tool" + default y if EFI_CAPSULE_ON_DISK || SANDBOX help - This command allows users to create a UEFI capsule file and, + This tool allows users to create a UEFI capsule file and, optionally sign that file. If you want to enable UEFI capsule update feature on your target, you certainly need this. From patchwork Thu Aug 10 14:23:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712356 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp681254rwb; Thu, 10 Aug 2023 07:33:54 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF97A0DbfcKljhubTLAVG52mS1kzq1pLuyNi/87yQSsUNcxWIW24PAdVCL5Hs3CE4sFGtgC X-Received: by 2002:adf:e38b:0:b0:314:4437:beab with SMTP id e11-20020adfe38b000000b003144437beabmr2252059wrm.55.1691678034448; Thu, 10 Aug 2023 07:33:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691678034; cv=none; d=google.com; s=arc-20160816; b=s3kWFJJjEWMwWy3gDjkz+zNSByYEclfEbvS/MfGE910QxJvNfIPG8Rjs6SgQaQxUTv Xi1sHtQZTjGuDVnO1SQ0KUU5aYN7bM8Wns0D+ZhGoNxIkhgUXdkR9I/a7XnMA/UL6lqD TRegzugIk1mnt+kj2Smb8aTJQ71jiJdmpLkmFtFESUbe3cYhn3r14Y1n1NuilFr59WE5 6r+eWjH8EPkq2QszkiSZy/juRAoFAheurVe540nFzhWbL/QWWPsusagKifFbR7DueLZH DGXeDLgVaPl9n1piRcqh4ERoTI352zN5B7I9qi5C/uOJ4YTx2D/xPzjWRP8Q94ilO8sR 8Lqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=dmvMztU00a+bfpD9XRclIEoyzNjsoqkxbmFiB7bKC1Y=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=jbRkxWfE8pXNe8QQRzdsKj0nIat3S0mPVmurIk4UsItBS4Wsx8h42q7vlBOY4Vyl18 nNhl6+C4kIHkCoi5FaufcE1RlJjq8VCJOoNnOHvSTi8gr9bi+esaDmpZCMxZ0DnciiyB NuMhOChVkjfcapid6OxbXA7NnLGJL6xDLcNIFRiNEXp5c8OBDT4Z5M8+UNjAi+UXD+Nq eZDKJ4U0RyfdMq1L1qXAlRkjQOZhtrXHQ4Q0yVGG+tRIPHFs5mcPMT3/y9+9eNJrvhFC cllj7rMqsxqvqgiPNUeHqqDyim0NOmEkTssXdG8LHCFyH9YDtnNplW5oeGlk4d1VdPoH cLeA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id z7-20020adfd0c7000000b00315962f427esi580691wrh.811.2023.08.10.07.33.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:33:54 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 98CEF8687E; Thu, 10 Aug 2023 16:24:41 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 72972868DE; Thu, 10 Aug 2023 16:24:40 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 0C6D486884 for ; Thu, 10 Aug 2023 16:24:31 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E048C113E; Thu, 10 Aug 2023 07:25:12 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id B74513F64C; Thu, 10 Aug 2023 07:24:27 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 5/9] btool: mkeficapsule: Add a bintool for EFI capsule generation Date: Thu, 10 Aug 2023 19:53:34 +0530 Message-Id: <20230810142338.3402963-6-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add a bintool for generating EFI capsules. This calls the mkeficapsule tool which generates the capsules. Signed-off-by: Sughosh Ganu --- Changes since V7: None tools/binman/btool/mkeficapsule.py | 101 +++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 tools/binman/btool/mkeficapsule.py diff --git a/tools/binman/btool/mkeficapsule.py b/tools/binman/btool/mkeficapsule.py new file mode 100644 index 0000000000..61179747ff --- /dev/null +++ b/tools/binman/btool/mkeficapsule.py @@ -0,0 +1,101 @@ +# SPDX-License-Identifier: GPL-2.0+ +# Copyright 2023 Linaro Limited +# +"""Bintool implementation for mkeficapsule tool + +mkeficapsule is a tool used for generating EFI capsules. + +The following are the commandline options to be provided +to the tool +Usage: mkeficapsule [options] +Options: + -g, --guid guid for image blob type + -i, --index update image index + -I, --instance update hardware instance + -v, --fw-version firmware version + -p, --private-key private key file + -c, --certificate signer's certificate file + -m, --monotonic-count monotonic count + -d, --dump_sig dump signature (*.p7) + -A, --fw-accept firmware accept capsule, requires GUID, no image blob + -R, --fw-revert firmware revert capsule, takes no GUID, no image blob + -o, --capoemflag Capsule OEM Flag, an integer between 0x0000 and 0xffff + -h, --help print a help message +""" + +from binman import bintool + +class Bintoolmkeficapsule(bintool.Bintool): + """Handles the 'mkeficapsule' tool + + This bintool is used for generating the EFI capsules. The + capsule generation parameters can either be specified through + commandline, or through a config file. + """ + def __init__(self, name): + super().__init__(name, 'mkeficapsule tool for generating capsules') + + def generate_capsule(self, image_index, image_guid, hardware_instance, + payload, output_fname, priv_key, pub_key, + monotonic_count=0, version=0, oemflags=0): + """Generate a capsule through commandline-provided parameters + + Args: + image_index (int): Unique number for identifying payload image + image_guid (str): GUID used for identifying the image + hardware_instance (int): Optional unique hardware instance of + a device in the system. 0 if not being used + payload (str): Path to the input payload image + output_fname (str): Path to the output capsule file + priv_key (str): Path to the private key + pub_key(str): Path to the public key + monotonic_count (int): Count used when signing an image + version (int): Image version (Optional) + oemflags (int): Optional 16 bit OEM flags + + Returns: + str: Tool output + """ + args = [ + f'--index={image_index}', + f'--guid={image_guid}', + f'--instance={hardware_instance}' + ] + + if version: + args += [f'--fw-version={version}'] + if oemflags: + args += [f'--capoemflag={oemflags}'] + if priv_key and pub_key: + args += [ + f'--monotonic-count={monotonic_count}', + f'--private-key={priv_key}', + f'--certificate={pub_key}' + ] + + args += [ + payload, + output_fname + ] + + return self.run_cmd(*args) + + def fetch(self, method): + """Fetch handler for mkeficapsule + + This builds the tool from source + + Returns: + tuple: + str: Filename of fetched file to copy to a suitable directory + str: Name of temp directory to remove, or None + """ + if method != bintool.FETCH_BUILD: + return None + + cmd = ['tools-only_defconfig', 'tools'] + result = self.build_from_git( + 'https://source.denx.de/u-boot/u-boot.git', + cmd, + 'tools/mkeficapsule') + return result From patchwork Thu Aug 10 14:23:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712352 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp675850rwb; Thu, 10 Aug 2023 07:25:24 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF7stBcm4KmS65KKqMRT5NGZLCTidRc1VWxe3FIHpQRRZ9hKUGPXRCs+5BcPi39rrNZGM9m X-Received: by 2002:a1c:7408:0:b0:3fe:2108:eb8e with SMTP id p8-20020a1c7408000000b003fe2108eb8emr2088936wmc.34.1691677523951; Thu, 10 Aug 2023 07:25:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677523; cv=none; d=google.com; s=arc-20160816; b=Prn0JFmXuo5sgCMm60kvWix4Hoa6VLyB+DOHXIcGqP8O7RHD/PwsizNwymLb1o0yta cWoYnhja9qiC9z5NKxp8yXcQA3aaq5NYFS3O7lfDSjLCzSxUfh7fFAkGXK3UK7tLF3gH NNJGJy8CmBUjtCoBNjfwiJcJZzIHRV3QFSHmmIiwFVUXnOV3/fPIyyfzyS9A3v1IgYcz b7SWJT80a/F13TFzvQg2kjEEAGQIGlM4C3q5nl3aAjE+MrFrFxRul/Imf/sBpcKF2S2p aGyGdqSSDfsCaFWKkzINGg2Nb2moiYUx3QrQKzS8hO19emcSzYJ1OvWxY/rt5iIk3j3x to/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=jc0gZvM9Fw0fgcpHHuQeUu9U+VQknW7Gg5CG0AEj1Fc=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=1I6ZLpiKP12r5g9cIxEs4n4ZRa7cv22qTZ1kBzJDA1MAL6IHNraV6MPHh2TEuKD1wH PX+oolcytNT1/YLeVII27RF8Kud3XM22AT4MK08T6Mz71IvpclbBfII3IscGPGGQzNn9 wXiJePrkwhXMWjYYYDH2WqGapcpAWLJJ0aV8++0z63JFSUtmHcvEQLiuZitbE7EnJov6 ktLPZhZD56/H+siPdYuU7Rp3IoqQlmhPu/wNLn29ibkpec6lKEm3prhQ6w0o4yhfktol fQfAKH8CtV/jQ10l66kfF6tYPTP20v0aqXHloh3MNhcTjJ5IZBfakwQZl67qG2Cf0xf7 po+g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id a11-20020adff7cb000000b003143c650796si884388wrq.51.2023.08.10.07.25.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:25:23 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 57225868D7; Thu, 10 Aug 2023 16:24:39 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 5D365868D6; Thu, 10 Aug 2023 16:24:38 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 960A286886 for ; Thu, 10 Aug 2023 16:24:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6678FD75; Thu, 10 Aug 2023 07:25:16 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 03AB63F64C; Thu, 10 Aug 2023 07:24:30 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 6/9] binman: capsule: Add support for generating EFI capsules Date: Thu, 10 Aug 2023 19:53:35 +0530 Message-Id: <20230810142338.3402963-7-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Add support in binman for generating EFI capsules. The capsule parameters can be specified through the capsule binman entry. Also add test cases in binman for testing capsule generation. Signed-off-by: Sughosh Ganu Reviewed-by: Simon Glass --- Changes since V7: * Rebase on top of current upstream. * Drop the ReadEntries method as suggested by Simon Glass. * Add logic to allow specifying a string 'binman-test' for GUIDs in binman tests. * Add a todo comment for getting the capsule contents from the tool. tools/binman/entries.rst | 64 ++++++++ tools/binman/etype/efi_capsule.py | 143 ++++++++++++++++++ tools/binman/ftest.py | 118 +++++++++++++++ tools/binman/test/311_capsule.dts | 21 +++ tools/binman/test/312_capsule_signed.dts | 23 +++ tools/binman/test/313_capsule_version.dts | 22 +++ tools/binman/test/314_capsule_signed_ver.dts | 24 +++ tools/binman/test/315_capsule_oemflags.dts | 22 +++ tools/binman/test/316_capsule_missing_key.dts | 22 +++ .../binman/test/317_capsule_missing_index.dts | 20 +++ .../binman/test/318_capsule_missing_guid.dts | 19 +++ 11 files changed, 498 insertions(+) create mode 100644 tools/binman/etype/efi_capsule.py create mode 100644 tools/binman/test/311_capsule.dts create mode 100644 tools/binman/test/312_capsule_signed.dts create mode 100644 tools/binman/test/313_capsule_version.dts create mode 100644 tools/binman/test/314_capsule_signed_ver.dts create mode 100644 tools/binman/test/315_capsule_oemflags.dts create mode 100644 tools/binman/test/316_capsule_missing_key.dts create mode 100644 tools/binman/test/317_capsule_missing_index.dts create mode 100644 tools/binman/test/318_capsule_missing_guid.dts diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst index e7dfe6b2a3..801bd94674 100644 --- a/tools/binman/entries.rst +++ b/tools/binman/entries.rst @@ -468,6 +468,70 @@ updating the EC on startup via software sync. +.. _etype_efi_capsule: + +Entry: capsule: Entry for generating EFI Capsule files +------------------------------------------------------ + +The parameters needed for generation of the capsules can be provided +as properties in the entry. + +Properties / Entry arguments: + - image-index: Unique number for identifying corresponding + payload image. Number between 1 and descriptor count, i.e. + the total number of firmware images that can be updated. Mandatory + property. + - image-guid: Image GUID which will be used for identifying the + updatable image on the board. Mandatory property. + - hardware-instance: Optional number for identifying unique + hardware instance of a device in the system. Default value of 0 + for images where value is not to be used. + - fw-version: Value of image version that can be put on the capsule + through the Firmware Management Protocol(FMP) header. + - monotonic-count: Count used when signing an image. + - private-key: Path to PEM formatted .key private key file. Mandatory + property for generating signed capsules. + - public-key-cert: Path to PEM formatted .crt public key certificate + file. Mandatory property for generating signed capsules. + - oem-flags - OEM flags to be passed through capsule header. + + Since this is a subclass of Entry_section, all properties of the parent + class also apply here. Except for the properties stated as mandatory, the + rest of the properties are optional. + +For more details on the description of the capsule format, and the capsule +update functionality, refer Section 8.5 and Chapter 23 in the `UEFI +specification`_. + +The capsule parameters like image index and image GUID are passed as +properties in the entry. The payload to be used in the capsule is to be +provided as a subnode of the capsule entry. + +A typical capsule entry node would then look something like this:: + + capsule { + type = "efi-capsule"; + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + hardware-instance = <0x0>; + private-key = "path/to/the/private/key"; + public-key-cert = "path/to/the/public-key-cert"; + oem-flags = <0x8000>; + + u-boot { + }; + }; + +In the above example, the capsule payload is the U-Boot image. The +capsule entry would read the contents of the payload and put them +into the capsule. Any external file can also be specified as the +payload using the blob-ext subnode. + +.. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf + + + .. _etype_encrypted: Entry: encrypted: Externally built encrypted binary blob diff --git a/tools/binman/etype/efi_capsule.py b/tools/binman/etype/efi_capsule.py new file mode 100644 index 0000000000..006eb630ad --- /dev/null +++ b/tools/binman/etype/efi_capsule.py @@ -0,0 +1,143 @@ +# SPDX-License-Identifier: GPL-2.0+ +# Copyright (c) 2023 Linaro Limited +# +# Entry-type module for producing a EFI capsule +# + +import os + +from binman.entry import Entry +from binman.etype.section import Entry_section +from dtoc import fdt_util +from u_boot_pylib import tools + +class Entry_efi_capsule(Entry_section): + """Generate EFI capsules + + The parameters needed for generation of the capsules can + be provided as properties in the entry. + + Properties / Entry arguments: + - image-index: Unique number for identifying corresponding + payload image. Number between 1 and descriptor count, i.e. + the total number of firmware images that can be updated. Mandatory + property. + - image-guid: Image GUID which will be used for identifying the + updatable image on the board. Mandatory property. + - hardware-instance: Optional number for identifying unique + hardware instance of a device in the system. Default value of 0 + for images where value is not to be used. + - fw-version: Value of image version that can be put on the capsule + through the Firmware Management Protocol(FMP) header. + - monotonic-count: Count used when signing an image. + - private-key: Path to PEM formatted .key private key file. Mandatory + property for generating signed capsules. + - public-key-cert: Path to PEM formatted .crt public key certificate + file. Mandatory property for generating signed capsules. + - oem-flags - OEM flags to be passed through capsule header. + + Since this is a subclass of Entry_section, all properties of the parent + class also apply here. Except for the properties stated as mandatory, the + rest of the properties are optional. + + For more details on the description of the capsule format, and the capsule + update functionality, refer Section 8.5 and Chapter 23 in the `UEFI + specification`_. + + The capsule parameters like image index and image GUID are passed as + properties in the entry. The payload to be used in the capsule is to be + provided as a subnode of the capsule entry. + + A typical capsule entry node would then look something like this + + capsule { + type = "efi-capsule"; + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + hardware-instance = <0x0>; + private-key = "path/to/the/private/key"; + public-key-cert = "path/to/the/public-key-cert"; + oem-flags = <0x8000>; + + u-boot { + }; + }; + + In the above example, the capsule payload is the U-Boot image. The + capsule entry would read the contents of the payload and put them + into the capsule. Any external file can also be specified as the + payload using the blob-ext subnode. + + .. _`UEFI specification`: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf + """ + def __init__(self, section, etype, node): + super().__init__(section, etype, node) + self.required_props = ['image-index', 'image-guid'] + self.image_index = 0 + self.image_guid = '' + self.hardware_instance = 0 + self.monotonic_count = 0 + self.fw_version = 0 + self.oem_flags = 0 + self.private_key = '' + self.public_key_cert = '' + self.auth = 0 + + def ReadNode(self): + super().ReadNode() + + self.image_index = fdt_util.GetInt(self._node, 'image-index') + self.image_guid = fdt_util.GetString(self._node, 'image-guid') + self.fw_version = fdt_util.GetInt(self._node, 'fw-version') + self.hardware_instance = fdt_util.GetInt(self._node, 'hardware-instance') + self.monotonic_count = fdt_util.GetInt(self._node, 'monotonic-count') + self.oem_flags = fdt_util.GetInt(self._node, 'oem-flags') + + self.private_key = fdt_util.GetString(self._node, 'private-key') + self.public_key_cert = fdt_util.GetString(self._node, 'public-key-cert') + if ((self.private_key and not self.public_key_cert) or (self.public_key_cert and not self.private_key)): + self.Raise('Both private key and public key certificate need to be provided') + elif not (self.private_key and self.public_key_cert): + self.auth = 0 + else: + self.auth = 1 + + def BuildSectionData(self, required): + def get_binman_test_guid(type_str): + TYPE_TO_GUID = { + 'binman-test' : '09d7cf52-0720-4710-91d1-08469b7fe9c8' + } + return TYPE_TO_GUID[type_str] + + private_key = '' + public_key_cert = '' + if self.auth: + if not os.path.isabs(self.private_key): + private_key = tools.get_input_filename(self.private_key) + if not os.path.isabs(self.public_key_cert): + public_key_cert = tools.get_input_filename(self.public_key_cert) + data, payload, uniq = self.collect_contents_to_file( + self._entries.values(), 'capsule_in') + outfile = self._filename if self._filename else 'capsule.%s' % uniq + capsule_fname = tools.get_output_filename(outfile) + guid = self.image_guid + if self.image_guid == "binman-test": + guid = get_binman_test_guid('binman-test') + + ret = self.mkeficapsule.generate_capsule(self.image_index, + guid, + self.hardware_instance, + payload, + capsule_fname, + private_key, + public_key_cert, + self.monotonic_count, + self.fw_version, + self.oem_flags) + if ret is not None: + os.remove(payload) + return tools.read_file(capsule_fname) + + def AddBintools(self, btools): + self.mkeficapsule = self.AddBintool(btools, 'mkeficapsule') diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index 1293e9dbf4..8e419645a6 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -48,6 +48,7 @@ U_BOOT_VPL_DATA = b'vpl76543210fedcbazywxyz_' BLOB_DATA = b'89' ME_DATA = b'0abcd' VGA_DATA = b'vga' +EFI_CAPSULE_DATA = b'efi' U_BOOT_DTB_DATA = b'udtb' U_BOOT_SPL_DTB_DATA = b'spldtb' U_BOOT_TPL_DTB_DATA = b'tpldtb' @@ -119,6 +120,11 @@ COMP_BINTOOLS = ['bzip2', 'gzip', 'lz4', 'lzma_alone', 'lzop', 'xz', 'zstd'] TEE_ADDR = 0x5678 +# Firmware Management Protocol(FMP) GUID +FW_MGMT_GUID = 'edd5cb6d2de8444cbda17194199ad92a' +# Image GUID specified in the DTS +CAPSULE_IMAGE_GUID = '52cfd7092007104791d108469b7fe9c8' + class TestFunctional(unittest.TestCase): """Functional tests for binman @@ -215,6 +221,7 @@ class TestFunctional(unittest.TestCase): TestFunctional._MakeInputFile('scp.bin', SCP_DATA) TestFunctional._MakeInputFile('rockchip-tpl.bin', ROCKCHIP_TPL_DATA) TestFunctional._MakeInputFile('ti_unsecure.bin', TI_UNSECURE_DATA) + TestFunctional._MakeInputFile('capsule_input.bin', EFI_CAPSULE_DATA) # Add a few .dtb files for testing TestFunctional._MakeInputFile('%s/test-fdt1.dtb' % TEST_FDT_SUBDIR, @@ -7216,5 +7223,116 @@ fdt fdtmap Extract the devicetree blob from the fdtmap self.assertRegex(err, "Image 'image'.*missing bintools.*: bootgen") + def _CheckCapsule(self, data, signed_capsule=False, version_check=False, + capoemflags=False): + fmp_signature = "4d535331" # 'M', 'S', 'S', '1' + fmp_size = "10" + fmp_fw_version = "02" + oemflag = "0080" + + payload_data = EFI_CAPSULE_DATA + + # TODO - Currently, these offsets for capsule fields are hardcoded. + # There are plans to add support to the mkeficapsule tool to dump + # the capsule contents which can then be used for capsule + # verification. + + # Firmware Management Protocol(FMP) GUID - offset(0 - 32) + self.assertEqual(FW_MGMT_GUID, data.hex()[:32]) + # Image GUID - offset(96 - 128) + self.assertEqual(CAPSULE_IMAGE_GUID, data.hex()[96:128]) + + if capoemflags: + # OEM Flags - offset(40 - 44) + self.assertEqual(oemflag, data.hex()[40:44]) + if signed_capsule and version_check: + # FMP header signature - offset(4770 - 4778) + self.assertEqual(fmp_signature, data.hex()[4770:4778]) + # FMP header size - offset(4778 - 4780) + self.assertEqual(fmp_size, data.hex()[4778:4780]) + # firmware version - offset(4786 - 4788) + self.assertEqual(fmp_fw_version, data.hex()[4786:4788]) + # payload offset signed capsule(4802 - 4808) + self.assertEqual(payload_data.hex(), data.hex()[4802:4808]) + elif signed_capsule: + # payload offset signed capsule(4770 - 4776) + self.assertEqual(payload_data.hex(), data.hex()[4770:4776]) + elif version_check: + # FMP header signature - offset(184 - 192) + self.assertEqual(fmp_signature, data.hex()[184:192]) + # FMP header size - offset(192 - 194) + self.assertEqual(fmp_size, data.hex()[192:194]) + # firmware version - offset(200 - 202) + self.assertEqual(fmp_fw_version, data.hex()[200:202]) + # payload offset for non-signed capsule with version header(216 - 222) + self.assertEqual(payload_data.hex(), data.hex()[216:222]) + else: + # payload offset for non-signed capsule with no version header(184 - 190) + self.assertEqual(payload_data.hex(), data.hex()[184:190]) + + def testCapsuleGen(self): + """Test generation of EFI capsule""" + data = self._DoReadFile('311_capsule.dts') + + self._CheckCapsule(data) + + def testSignedCapsuleGen(self): + """Test generation of EFI capsule""" + data = tools.read_file(self.TestFile("key.key")) + self._MakeInputFile("key.key", data) + data = tools.read_file(self.TestFile("key.pem")) + self._MakeInputFile("key.crt", data) + + data = self._DoReadFile('312_capsule_signed.dts') + + self._CheckCapsule(data, signed_capsule=True) + + def testCapsuleGenVersionSupport(self): + """Test generation of EFI capsule with version support""" + data = self._DoReadFile('313_capsule_version.dts') + + self._CheckCapsule(data, version_check=True) + + def testCapsuleGenSignedVer(self): + """Test generation of signed EFI capsule with version information""" + data = tools.read_file(self.TestFile("key.key")) + self._MakeInputFile("key.key", data) + data = tools.read_file(self.TestFile("key.pem")) + self._MakeInputFile("key.crt", data) + + data = self._DoReadFile('314_capsule_signed_ver.dts') + + self._CheckCapsule(data, signed_capsule=True, version_check=True) + + def testCapsuleGenCapOemFlags(self): + """Test generation of EFI capsule with OEM Flags set""" + data = self._DoReadFile('315_capsule_oemflags.dts') + + self._CheckCapsule(data, capoemflags=True) + + def testCapsuleGenKeyMissing(self): + """Test that binman errors out on missing key""" + with self.assertRaises(ValueError) as e: + self._DoReadFile('316_capsule_missing_key.dts') + + self.assertIn("Both private key and public key certificate need to be provided", + str(e.exception)) + + def testCapsuleGenIndexMissing(self): + """Test that binman errors out on missing image index""" + with self.assertRaises(ValueError) as e: + self._DoReadFile('317_capsule_missing_index.dts') + + self.assertIn("entry is missing properties: image-index", + str(e.exception)) + + def testCapsuleGenGuidMissing(self): + """Test that binman errors out on missing image GUID""" + with self.assertRaises(ValueError) as e: + self._DoReadFile('318_capsule_missing_guid.dts') + + self.assertIn("entry is missing properties: image-guid", + str(e.exception)) + if __name__ == "__main__": unittest.main() diff --git a/tools/binman/test/311_capsule.dts b/tools/binman/test/311_capsule.dts new file mode 100644 index 0000000000..8eb4250b14 --- /dev/null +++ b/tools/binman/test/311_capsule.dts @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/312_capsule_signed.dts b/tools/binman/test/312_capsule_signed.dts new file mode 100644 index 0000000000..d1c76e269c --- /dev/null +++ b/tools/binman/test/312_capsule_signed.dts @@ -0,0 +1,23 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + private-key = "key.key"; + public-key-cert = "key.crt"; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/313_capsule_version.dts b/tools/binman/test/313_capsule_version.dts new file mode 100644 index 0000000000..bafef3609e --- /dev/null +++ b/tools/binman/test/313_capsule_version.dts @@ -0,0 +1,22 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/314_capsule_signed_ver.dts b/tools/binman/test/314_capsule_signed_ver.dts new file mode 100644 index 0000000000..85c784bba4 --- /dev/null +++ b/tools/binman/test/314_capsule_signed_ver.dts @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + fw-version = <0x2>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + private-key = "key.key"; + public-key-cert = "key.crt"; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/315_capsule_oemflags.dts b/tools/binman/test/315_capsule_oemflags.dts new file mode 100644 index 0000000000..f736e8758f --- /dev/null +++ b/tools/binman/test/315_capsule_oemflags.dts @@ -0,0 +1,22 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + oem-flags = <0x8000>; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/316_capsule_missing_key.dts b/tools/binman/test/316_capsule_missing_key.dts new file mode 100644 index 0000000000..2080b50e3d --- /dev/null +++ b/tools/binman/test/316_capsule_missing_key.dts @@ -0,0 +1,22 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + private-key = "tools/binman/test/key.key"; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/317_capsule_missing_index.dts b/tools/binman/test/317_capsule_missing_index.dts new file mode 100644 index 0000000000..aadb61f647 --- /dev/null +++ b/tools/binman/test/317_capsule_missing_index.dts @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + /* Image GUID for testing capsule update */ + image-guid = "binman-test"; + hardware-instance = <0x0>; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; diff --git a/tools/binman/test/318_capsule_missing_guid.dts b/tools/binman/test/318_capsule_missing_guid.dts new file mode 100644 index 0000000000..d76afba853 --- /dev/null +++ b/tools/binman/test/318_capsule_missing_guid.dts @@ -0,0 +1,19 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + efi-capsule { + image-index = <0x1>; + hardware-instance = <0x0>; + + blob { + filename = "capsule_input.bin"; + }; + }; + }; +}; From patchwork Thu Aug 10 14:23:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712353 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp676096rwb; Thu, 10 Aug 2023 07:25:46 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHstbiHzVVSBoUI7iXvgY2U8md6H3W657mMpID6Oaxi6ruBYFTuLHlit94epkW6sPeIjaIx X-Received: by 2002:a7b:c854:0:b0:3fc:f9c:a3e6 with SMTP id c20-20020a7bc854000000b003fc0f9ca3e6mr2118164wml.9.1691677546443; Thu, 10 Aug 2023 07:25:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677546; cv=none; d=google.com; s=arc-20160816; b=fPd9bEqDqp03FYuV94E8EAKoBQblZBMWyLFtFk7iR52QFHG/GUrCgjjJy7Tq0KTHpX rXn/HCIQhYtEHBiax62lkw8nt/Px+/z6Wg/ovuM7rj7veSVj4YRwBq4tlCRHlf8jQn+t vipuMClKt7HP4iJp4KTNeuY7QuOg3JWl0V0BDYgmeFf7F3v2b2c7zQrFmd/HotntXX17 rDr0oWh2IvCZn4LmqNuoM4YwGsDqLg5h85GTqM4SseIsz1R6O3J0kgHrh56vCm9deFc/ asrVM7pDZtumcEsJ5v9gn2D+HQiSNNmBvKuma04KHPAmEtL01pd3GDk8aUabU+vhRlIM uPYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=8mdM7rUl1oAqn8U00PbaQWtqUVjQddrFERcACPD22Oo=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=Ol8brdJ/aSmOXUAxmjcdMhu5dZQurf1m1WW/P0nV34v38rcGbkAEVf5Yod4jsSAUc/ vTwF+dR84WcExvGptQ6mIxMnBTDa4ePi9+C7+letIF23fnEH+b9DaROwhkbfm4pj2+64 7zKIf4l6803vA0bgPeBxexb2b+y/x5nlLZGKE8PR0RD1d95UvpF4/XrA8TWQFOIhsh5E m4Ir+Ziu6ZkaMH+h8cUI2Dl0KGo6H1Ui4CrBSyZ9vdhWAiqoDvXIYZ0DOA8NEiABejvm ZhOWggMMX58+Dtemio2S9rN1IDzA4Te/ZBBZEiX08LxDiZ2MV1se9SAgIK3sHQg1XWdA NwMw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id x2-20020a05600c420200b003fbe3769d17si994950wmh.122.2023.08.10.07.25.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:25:46 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id DB011868F0; Thu, 10 Aug 2023 16:24:41 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 8239A868B6; Thu, 10 Aug 2023 16:24:40 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 0BE10868D3 for ; Thu, 10 Aug 2023 16:24:38 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E3802139F; Thu, 10 Aug 2023 07:25:19 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 809663F64C; Thu, 10 Aug 2023 07:24:34 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 7/9] sandbox: capsule: Generate capsule related files through binman Date: Thu, 10 Aug 2023 19:53:36 +0530 Message-Id: <20230810142338.3402963-8-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean The EFI capsule files can now be generated as part of u-boot build through binman. Add capsule entry nodes for the sandbox architecture for generating the capsules. These capsules are then used for testing the EFI capsule update functionality on the sandbox platforms. Remove the corresponding logic in the test setup which was used for generation of these capsule which is now superfluous. Signed-off-by: Sughosh Ganu --- Changes since V7: * Move the capsule generation logic to sandbox_capsule.dtsi and include that explicitly in test.dts and sandbox.dts. * Drop the u-boot.dtsi file which kept the capsule and signature nodes. * Remove capsule generation logic from capsule update test setup. * Keep the logic to embed the public key in DTB in the test setup. arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox_capsule.dtsi | 340 ++++++++++++++++++ arch/sandbox/dts/test.dts | 4 + include/sandbox_efi_capsule.h | 21 ++ test/py/tests/test_efi_capsule/conftest.py | 155 +------- .../tests/test_efi_capsule/uboot_bin_env.its | 36 -- 6 files changed, 385 insertions(+), 175 deletions(-) create mode 100644 arch/sandbox/dts/sandbox_capsule.dtsi create mode 100644 include/sandbox_efi_capsule.h delete mode 100644 test/py/tests/test_efi_capsule/uboot_bin_env.its diff --git a/arch/sandbox/dts/sandbox.dts b/arch/sandbox/dts/sandbox.dts index 12d3eff5fa..8d234ed216 100644 --- a/arch/sandbox/dts/sandbox.dts +++ b/arch/sandbox/dts/sandbox.dts @@ -106,3 +106,7 @@ #if IS_ENABLED(CONFIG_SUPPORT_VPL) #include "sandbox_vpl.dtsi" #endif + +#ifdef CONFIG_EFI_HAVE_CAPSULE_SUPPORT +#include "sandbox_capsule.dtsi" +#endif diff --git a/arch/sandbox/dts/sandbox_capsule.dtsi b/arch/sandbox/dts/sandbox_capsule.dtsi new file mode 100644 index 0000000000..c38fbd33b1 --- /dev/null +++ b/arch/sandbox/dts/sandbox_capsule.dtsi @@ -0,0 +1,340 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Devicetree file with binman nodes for generating capsules. + */ + +#include + +/ { + binman: binman { + multiple-images; + }; +}; + +&binman { + itb { + filename = UBOOT_FIT_IMAGE; + + fit { + description = "Automatic U-Boot environment update"; + #address-cells = <2>; + + images { + u-boot-bin { + description = "U-Boot binary on SPI Flash"; + compression = "none"; + type = "firmware"; + arch = "sandbox"; + load = <0>; + text { + text = "u-boot:New"; + }; + + hash-1 { + algo = "sha1"; + }; + }; + u-boot-env { + description = "U-Boot environment on SPI Flash"; + compression = "none"; + type = "firmware"; + arch = "sandbox"; + load = <0>; + text { + text = "u-boot-env:New"; + }; + + hash-1 { + algo = "sha1"; + }; + }; + }; + }; + }; + + capsule1 { + filename = "Test01"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule2 { + filename = "Test02"; + capsule { + type = "efi-capsule"; + image-index = <0x2>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule3 { + filename = "Test03"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_INCORRECT_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule4 { + filename = "Test04"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule5 { + filename = "Test05"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_INCORRECT_GUID; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule6 { + filename = "Test101"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule7 { + filename = "Test102"; + capsule { + type = "efi-capsule"; + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule8 { + filename = "Test103"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule9 { + filename = "Test104"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule10 { + filename = "Test105"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + +#ifdef CONFIG_EFI_CAPSULE_AUTHENTICATE + capsule11 { + filename = "Test11"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule12 { + filename = "Test12"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_INVAL_KEY; + public-key-cert = CAPSULE_INVAL_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule13 { + filename = "Test13"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule14 { + filename = "Test14"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + private-key = CAPSULE_INVAL_KEY; + public-key-cert = CAPSULE_INVAL_PUB_KEY; + monotonic-count = <0x1>; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule15 { + filename = "Test111"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule16 { + filename = "Test112"; + capsule { + type = "efi-capsule"; + image-index = <0x2>; + fw-version = <0xa>; + image-guid = SANDBOX_UBOOT_ENV_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot-env:New"; + }; + }; + }; + + capsule17 { + filename = "Test113"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_UBOOT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + text { + text = "u-boot:New"; + }; + }; + }; + + capsule18 { + filename = "Test114"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x5>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; + + capsule19 { + filename = "Test115"; + capsule { + type = "efi-capsule"; + image-index = <0x1>; + fw-version = <0x2>; + image-guid = SANDBOX_FIT_IMAGE_GUID; + private-key = CAPSULE_PRIV_KEY; + public-key-cert = CAPSULE_PUB_KEY; + monotonic-count = <0x1>; + + blob { + filename = UBOOT_FIT_IMAGE; + }; + }; + }; +#endif /* CONFIG_EFI_CAPSULE_AUTHENTICATE */ +}; diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts index f351d5cb84..acbe0046ad 100644 --- a/arch/sandbox/dts/test.dts +++ b/arch/sandbox/dts/test.dts @@ -1849,3 +1849,7 @@ #endif #include "cedit.dtsi" + +#ifdef CONFIG_EFI_CAPSULE_AUTHENTICATE +#include "sandbox_capsule.dtsi" +#endif diff --git a/include/sandbox_efi_capsule.h b/include/sandbox_efi_capsule.h new file mode 100644 index 0000000000..3e288e8a84 --- /dev/null +++ b/include/sandbox_efi_capsule.h @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2023, Linaro Limited + */ + +#if !defined(_SANDBOX_EFI_CAPSULE_H_) +#define _SANDBOX_EFI_CAPSULE_H_ + +#define SANDBOX_UBOOT_IMAGE_GUID "09d7cf52-0720-4710-91d1-08469b7fe9c8" +#define SANDBOX_UBOOT_ENV_IMAGE_GUID "5a7021f5-fef2-48b4-aaba-832e777418c0" +#define SANDBOX_FIT_IMAGE_GUID "3673b45d-6a7c-46f3-9e60-adabb03f7937" +#define SANDBOX_INCORRECT_GUID "058b7d83-50d5-4c47-a195-60d86ad341c4" + +#define UBOOT_FIT_IMAGE "u-boot_bin_env.itb" + +#define CAPSULE_PRIV_KEY "capsule_priv_key_good.key" +#define CAPSULE_PUB_KEY "capsule_pub_key_good.crt" +#define CAPSULE_INVAL_KEY "capsule_priv_key_bad.key" +#define CAPSULE_INVAL_PUB_KEY "capsule_pub_key_bad.crt" + +#endif /* _SANDBOX_EFI_CAPSULE_H_ */ diff --git a/test/py/tests/test_efi_capsule/conftest.py b/test/py/tests/test_efi_capsule/conftest.py index 054be1ee97..7eead9bc64 100644 --- a/test/py/tests/test_efi_capsule/conftest.py +++ b/test/py/tests/test_efi_capsule/conftest.py @@ -34,15 +34,20 @@ def efi_capsule_data(request, u_boot_config): capsule_auth_enabled = u_boot_config.buildconfig.get( 'config_efi_capsule_authenticate') + key_dir = u_boot_config.source_dir + '/board/sandbox' if capsule_auth_enabled: - # Create private key (SIGNER.key) and certificate (SIGNER.crt) - check_call('cd %s; ' - 'openssl req -x509 -sha256 -newkey rsa:2048 ' - '-subj /CN=TEST_SIGNER/ -keyout SIGNER.key ' - '-out SIGNER.crt -nodes -days 365' - % data_dir, shell=True) - check_call('cd %s; %scert-to-efi-sig-list SIGNER.crt SIGNER.esl' - % (data_dir, EFITOOLS_PATH), shell=True) + # Get the keys from the board directory + check_call('cp %s/capsule_priv_key_good.key %s/SIGNER.key' + % (key_dir, data_dir), shell=True) + check_call('cp %s/capsule_pub_key_good.crt %s/SIGNER.crt' + % (key_dir, data_dir), shell=True) + check_call('cp %s/capsule_pub_esl_good.esl %s/SIGNER.esl' + % (key_dir, data_dir), shell=True) + + check_call('cp %s/capsule_priv_key_bad.key %s/SIGNER2.key' + % (key_dir, data_dir), shell=True) + check_call('cp %s/capsule_pub_key_bad.crt %s/SIGNER2.crt' + % (key_dir, data_dir), shell=True) # Update dtb adding capsule certificate check_call('cd %s; ' @@ -54,14 +59,6 @@ def efi_capsule_data(request, u_boot_config): '-o test_sig.dtb signature.dtbo' % (data_dir, u_boot_config.build_dir), shell=True) - # Create *malicious* private key (SIGNER2.key) and certificate - # (SIGNER2.crt) - check_call('cd %s; ' - 'openssl req -x509 -sha256 -newkey rsa:2048 ' - '-subj /CN=TEST_SIGNER/ -keyout SIGNER2.key ' - '-out SIGNER2.crt -nodes -days 365' - % data_dir, shell=True) - # Update dtb to add the version information check_call('cd %s; ' 'cp %s/test/py/tests/test_efi_capsule/version.dts .' @@ -79,132 +76,12 @@ def efi_capsule_data(request, u_boot_config): '-o test_ver.dtb version.dtbo' % (data_dir, u_boot_config.build_dir), shell=True) - # Create capsule files + + check_call('cp %s/u-boot_bin_env.itb %s ' % (u_boot_config.build_dir, data_dir), shell=True) + check_call('cp %s/Test* %s ' % (u_boot_config.build_dir, data_dir), shell=True) # two regions: one for u-boot.bin and the other for u-boot.env check_call('cd %s; echo -n u-boot:Old > u-boot.bin.old; echo -n u-boot:New > u-boot.bin.new; echo -n u-boot-env:Old > u-boot.env.old; echo -n u-boot-env:New > u-boot.env.new' % data_dir, shell=True) - check_call('sed -e \"s?BINFILE1?u-boot.bin.new?\" -e \"s?BINFILE2?u-boot.env.new?\" %s/test/py/tests/test_efi_capsule/uboot_bin_env.its > %s/uboot_bin_env.its' % - (u_boot_config.source_dir, data_dir), - shell=True) - check_call('cd %s; %s/tools/mkimage -f uboot_bin_env.its uboot_bin_env.itb' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test01' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 2 --guid 5A7021F5-FEF2-48B4-AABA-832E777418C0 u-boot.env.new Test02' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 058B7D83-50D5-4C47-A195-60D86AD341C4 u-boot.bin.new Test03' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test04' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --guid 058B7D83-50D5-4C47-A195-60D86AD341C4 uboot_bin_env.itb Test05' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --fw-version 5 ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test101' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 2 --fw-version 10 ' - '--guid 5A7021F5-FEF2-48B4-AABA-832E777418C0 u-boot.env.new Test102' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --fw-version 2 ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 u-boot.bin.new Test103' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --fw-version 5 ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test104' % - (data_dir, u_boot_config.build_dir), - shell=True) - check_call('cd %s; %s/tools/mkeficapsule --index 1 --fw-version 2 ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 uboot_bin_env.itb Test105' % - (data_dir, u_boot_config.build_dir), - shell=True) - - if capsule_auth_enabled: - # raw firmware signed with proper key - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' - 'u-boot.bin.new Test11' - % (data_dir, u_boot_config.build_dir), - shell=True) - # raw firmware signed with *mal* key - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--private-key SIGNER2.key ' - '--certificate SIGNER2.crt ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' - 'u-boot.bin.new Test12' - % (data_dir, u_boot_config.build_dir), - shell=True) - # FIT firmware signed with proper key - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' - 'uboot_bin_env.itb Test13' - % (data_dir, u_boot_config.build_dir), - shell=True) - # FIT firmware signed with *mal* key - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--private-key SIGNER2.key ' - '--certificate SIGNER2.crt ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' - 'uboot_bin_env.itb Test14' - % (data_dir, u_boot_config.build_dir), - shell=True) - # raw firmware signed with proper key with version information - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--fw-version 5 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' - 'u-boot.bin.new Test111' - % (data_dir, u_boot_config.build_dir), - shell=True) - # raw firmware signed with proper key with version information - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 2 --monotonic-count 1 ' - '--fw-version 10 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 5A7021F5-FEF2-48B4-AABA-832E777418C0 ' - 'u-boot.env.new Test112' - % (data_dir, u_boot_config.build_dir), - shell=True) - # raw firmware signed with proper key with lower version information - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--fw-version 2 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 09D7CF52-0720-4710-91D1-08469B7FE9C8 ' - 'u-boot.bin.new Test113' - % (data_dir, u_boot_config.build_dir), - shell=True) - # FIT firmware signed with proper key with version information - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--fw-version 5 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' - 'uboot_bin_env.itb Test114' - % (data_dir, u_boot_config.build_dir), - shell=True) - # FIT firmware signed with proper key with lower version information - check_call('cd %s; ' - '%s/tools/mkeficapsule --index 1 --monotonic-count 1 ' - '--fw-version 2 ' - '--private-key SIGNER.key --certificate SIGNER.crt ' - '--guid 3673B45D-6A7C-46F3-9E60-ADABB03F7937 ' - 'uboot_bin_env.itb Test115' - % (data_dir, u_boot_config.build_dir), - shell=True) # Create a disk image with EFI system partition check_call('virt-make-fs --partition=gpt --size=+1M --type=vfat %s %s' % diff --git a/test/py/tests/test_efi_capsule/uboot_bin_env.its b/test/py/tests/test_efi_capsule/uboot_bin_env.its deleted file mode 100644 index fc65907481..0000000000 --- a/test/py/tests/test_efi_capsule/uboot_bin_env.its +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Automatic software update for U-Boot - * Make sure the flashing addresses ('load' prop) is correct for your board! - */ - -/dts-v1/; - -/ { - description = "Automatic U-Boot environment update"; - #address-cells = <2>; - - images { - u-boot-bin { - description = "U-Boot binary on SPI Flash"; - data = /incbin/("BINFILE1"); - compression = "none"; - type = "firmware"; - arch = "sandbox"; - load = <0>; - hash-1 { - algo = "sha1"; - }; - }; - u-boot-env { - description = "U-Boot environment on SPI Flash"; - data = /incbin/("BINFILE2"); - compression = "none"; - type = "firmware"; - arch = "sandbox"; - load = <0>; - hash-1 { - algo = "sha1"; - }; - }; - }; -}; From patchwork Thu Aug 10 14:23:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712355 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp676477rwb; Thu, 10 Aug 2023 07:26:22 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEV/i6ZcKKdp6FnoNEjtJXnsiPyX8WwRhpwfK21y5Mm8qgMvDc0/Rnc9rYktQD2MjYPKnHO X-Received: by 2002:adf:f9cb:0:b0:317:650e:9030 with SMTP id w11-20020adff9cb000000b00317650e9030mr2170795wrr.57.1691677581765; Thu, 10 Aug 2023 07:26:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677581; cv=none; d=google.com; s=arc-20160816; b=wPbMLk5xRqp9hkkn+QdYOK8KKkhM/DtnSFAsRqN5GRo3w0aR9tDUybjIEaqnpGzVA1 kDH9ltPR+2v+MlgKPvj1okaB7wLzjnFLQWf+gVvuRFE5gvaA4z1Sq62CfJy42KY6xrWZ BCU4/uiWW8dLId9F34gdxPcscH/WyCxyzCQM3KwIh7jF+V8MAxvwzVE0jEqFhozuQOMB d5ClBV+l5ccsVIM9fPQ9YPlZcwhREOO2dB+iO4dwEgshy11a/kCAY98bulYobJe7YtLQ bwYHvFsZIbfoz7sBDahta9vdH88C7D5586UsMz30yHV7hFQZDHOHk+5ilWI2+4AJFB++ 9tbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=9MvmSXLwLsej0+6QtCm3Z2ZPe6MkpwSzGiLVcW5PY5I=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=0kjNtOxfi7eDfTaoRR9WE5eioa2cNQeOF8bu0niPK3yQuwBIuEn9h0F2bD+97OxbcA aniCPhtvIR0tIEvj+Yi2g9xhJihK0OlaH4TL5nnp1/ejs8xu49brgyDpZ0or5urAUi0N lOq8m09GZifgQp1FwOODNs1bnKRb/Z9t01xe1mJoy36LCnT/507nAA2yJWI/yRuRHMMR /ZRY6GZsULZ6FAPULSn8kMyopQOVeIerCtEEWBpYivXL85VnR5PcxXoiSYgtJe/7PcFJ 0L8vNZy/x3635Qa4khK3L7Ps3kHOlpvbTuKn4/NcoqOW5AHmnvw4BUd4KCAPcat9N8ED 9Tbw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id w1-20020adfcd01000000b003177c7bb985si881740wrm.523.2023.08.10.07.25.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:26:21 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2C13A868F4; Thu, 10 Aug 2023 16:24:52 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 0BA72868DF; Thu, 10 Aug 2023 16:24:51 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 42308868E5 for ; Thu, 10 Aug 2023 16:24:41 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 2F9D0139F; Thu, 10 Aug 2023 07:25:23 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 095C13F64C; Thu, 10 Aug 2023 07:24:37 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 8/9] doc: Add documentation to highlight capsule generation related updates Date: Thu, 10 Aug 2023 19:53:37 +0530 Message-Id: <20230810142338.3402963-9-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean The EFI capsules can now be generated as part of u-boot build, through binman. Highlight these changes in the documentation. Signed-off-by: Sughosh Ganu Acked-by: Heinrich Schuchardt --- Changess since V7: * Change the name of the file which contains the capsule entry binman nodes. doc/develop/uefi/uefi.rst | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/doc/develop/uefi/uefi.rst b/doc/develop/uefi/uefi.rst index a7a41f2fac..93266da45e 100644 --- a/doc/develop/uefi/uefi.rst +++ b/doc/develop/uefi/uefi.rst @@ -318,6 +318,9 @@ Run the following command --guid \ +Capsule with firmware version +***************************** + The UEFI specification does not define the firmware versioning mechanism. EDK II reference implementation inserts the FMP Payload Header right before the payload. It coutains the fw_version and lowest supported version, @@ -345,6 +348,19 @@ add --fw-version option in mkeficapsule tool. If the --fw-version option is not set, FMP Payload Header is not inserted and fw_version is set as 0. +Capsule Generation through binman +********************************* + +Support has also been added to generate capsules during u-boot build +through binman. This requires the platform's DTB to be populated with +the capsule entry nodes for binman. The capsules then can be generated +by specifying the capsule parameters either through a config file, or +by specifying them as properties in the capsule entry node. + +Check the arch/sandbox/dts/sandbox_capsule.dtsi file for the sandbox +platform as reference for how to generate capsules through binman as +part of u-boot build. + Performing the update ********************* From patchwork Thu Aug 10 14:23:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sughosh Ganu X-Patchwork-Id: 712354 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:baf:b0:129:c516:61db with SMTP id gf47csp676329rwb; Thu, 10 Aug 2023 07:26:07 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFLWBlfYcsYl1zWtIsziroFBR6s8Z7JD2qKqw7OGuZID9JNv3D+ZYxpcD6OcPc1lCyBaxau X-Received: by 2002:a5d:4a4d:0:b0:317:f1d6:9977 with SMTP id v13-20020a5d4a4d000000b00317f1d69977mr1577150wrs.25.1691677567544; Thu, 10 Aug 2023 07:26:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691677567; cv=none; d=google.com; s=arc-20160816; b=g85F98mc1S8brphpR45bMJVEU0/sPXV+sIHU+gLfChWwKjMElaa/QdFzrUm7iJt9XD GFX5yltDqfdMLcTyGzueRFZ5j5XY7xxmMPIl4R30WsfgOAwMCf3IAYktuEMyIdlpfA4J vT2wTGgLDk5jSN4jypEmQEWL0qfyjGSl6mjiVO/N0F0lTMwoxvlspKBvkgOZWoquKsHI 7I1k3YB0bt2lE2rYtWRxIIf++oY4MP0eckw8xdzOHB9iTdKzXZszGwAMnQ6ZyspdSvAt cK5NwiKmHoJsLWBPRPiOup2M2v1Vce2Y0xj9zBRGgRp+lCBEeMZhReLgW6ZwbwuC/9Cy LDnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=fKtbuTIWfTz5lWOAA1Ag4pifTqRQ1twrJN003FmQNq0=; fh=pvWoYJ8DnC9IyTD46q2s71hlWpPSBdE/YYp0/eyIYcc=; b=hd2aH4tqVg9v9RiZOmOmfozFV7sVJy6wfq8YfOZvqNWWFyTt1Mkee673AQ4dr7tCqm RPBG6l9vOXVa2VxA76snSDS20xAGv4YCdVmJwVP0ZiDpPugucWDc+fCVUVEc8PzbWXw1 oOdCIFvEOEzph/XRaIrNcONvpZxAQGYxGAc2/4aSpyQvrzC9/e3B1pi7JjhGr3fcJ51F NZLAhVO0Cp15APv09F7ApTKySv30MDnXl5a/Jhq6mGLcaPsYmSChbZXb4XJWlq0oXcUS XaWeP5EkFu2r3VYgC24WkE+oVclbgfyIklcw0BdDDG8Khevwqizqs93KPlftVWhKYosA 90Mw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id h6-20020adffd46000000b003141a98a08esi879808wrs.513.2023.08.10.07.26.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Aug 2023 07:26:07 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6B27C868DE; Thu, 10 Aug 2023 16:24:54 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 77F0786902; Thu, 10 Aug 2023 16:24:53 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by phobos.denx.de (Postfix) with ESMTP id 83FAE8681D for ; Thu, 10 Aug 2023 16:24:44 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=fail smtp.mailfrom=sughosh.ganu@linaro.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 6F68AD75; Thu, 10 Aug 2023 07:25:26 -0700 (PDT) Received: from a076522.blr.arm.com (unknown [10.162.46.7]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4976B3F64C; Thu, 10 Aug 2023 07:24:41 -0700 (PDT) From: Sughosh Ganu To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Malte Schmidt , Michal Simek , Tom Rini , Sughosh Ganu Subject: [PATCH v8 9/9] sandbox: trace: Increase trace buffer size Date: Thu, 10 Aug 2023 19:53:38 +0530 Message-Id: <20230810142338.3402963-10-sughosh.ganu@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230810142338.3402963-1-sughosh.ganu@linaro.org> References: <20230810142338.3402963-1-sughosh.ganu@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean When running the trace test on the sandbox platform, the current size of 16MiB is no longer large enough for capturing the entire trace history, and results in truncation. Use a size of 32MiB for the trace buffer on the sandbox platform while running the trace test. Signed-off-by: Sughosh Ganu Reviewed-by: Simon Glass --- Changes since V7: None .azure-pipelines.yml | 2 +- .gitlab-ci.yml | 2 +- test/py/tests/test_trace.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml index 31850ae571..1e937455c6 100644 --- a/.azure-pipelines.yml +++ b/.azure-pipelines.yml @@ -275,7 +275,7 @@ stages: TEST_PY_BD: "sandbox" BUILD_ENV: "FTRACE=1 NO_LTO=1" TEST_PY_TEST_SPEC: "trace" - OVERRIDE: "-a CONFIG_TRACE=y -a CONFIG_TRACE_EARLY=y -a CONFIG_TRACE_EARLY_SIZE=0x01000000" + OVERRIDE: "-a CONFIG_TRACE=y -a CONFIG_TRACE_EARLY=y -a CONFIG_TRACE_EARLY_SIZE=0x01000000 -a CONFIG_TRACE_BUFFER_SIZE=0x02000000" coreboot: TEST_PY_BD: "coreboot" TEST_PY_ID: "--id qemu" diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8010afae95..3e41299658 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -315,7 +315,7 @@ sandbox trace_test.py: TEST_PY_BD: "sandbox" BUILD_ENV: "FTRACE=1 NO_LTO=1" TEST_PY_TEST_SPEC: "trace" - OVERRIDE: "-a CONFIG_TRACE=y -a CONFIG_TRACE_EARLY=y -a CONFIG_TRACE_EARLY_SIZE=0x01000000" + OVERRIDE: "-a CONFIG_TRACE=y -a CONFIG_TRACE_EARLY=y -a CONFIG_TRACE_EARLY_SIZE=0x01000000 -a CONFIG_TRACE_BUFFER_SIZE=0x02000000" <<: *buildman_and_testpy_dfn evb-ast2500 test.py: diff --git a/test/py/tests/test_trace.py b/test/py/tests/test_trace.py index ac3e95925e..ad2250920d 100644 --- a/test/py/tests/test_trace.py +++ b/test/py/tests/test_trace.py @@ -61,7 +61,7 @@ def collect_trace(cons): # Read out the trace data addr = 0x02000000 - size = 0x01000000 + size = 0x02000000 out = cons.run_command(f'trace calls {addr:x} {size:x}') print(out) fname = os.path.join(TMPDIR, 'trace')