u-boot.git/test/py/tests/test_efi_secboot, branch master Unnamed repository; edit this file 'description' to name the repository. test: uninstall PK after secboot tests 2025-10-17T00:02:19+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2025-10-10T20:29:26+00:00 ede1186f2094f5709f4c4cd081a388873680139d The EFI secure boot tests install a security data base. Other EFI tests assume that secure boot is not enabled. Add the missing tear-down at the end of each secboot test sequence. Reported-by: Tom Rini <trini@konsulko.com> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Tested-by: Tom Rini <trini@konsulko.com> 
The EFI secure boot tests install a security data base.
Other EFI tests assume that secure boot is not enabled.
Add the missing tear-down at the end of each secboot test sequence.

Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Tested-by: Tom Rini <trini@konsulko.com>
test/py: Rework test_efi_secboot to not use virt-make-fs 2025-04-08T19:51:09+00:00 Tom Rini trini@konsulko.com 2025-03-20T13:59:29+00:00 7bf75f3e36d0907e83c84ed252c8f24b1659985c The problem with using "virt-make-fs" to make a filesystem image is that it is extremely slow. Switch to using the fs_helper functions we have instead from the filesystem tests as these can add files to images and are significantly faster and still do not require root access. Signed-off-by: Tom Rini <trini@konsulko.com> 
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.

Signed-off-by: Tom Rini <trini@konsulko.com>
test/py: Shorten u_boot_console 2025-03-15T10:38:38+00:00 Simon Glass sjg@chromium.org 2025-02-09T16:07:14+00:00 752c3769874596d012cd8325099d2ae20123f989 This fixture name is quite long and results in lots of verbose code. We know this is U-Boot so the 'u_boot_' part is not necessary. But it is also a bit of a misnomer, since it provides access to all the information available to tests. It is not just the console. It would be too confusing to use con as it would be confused with config and it is probably too short. So shorten it to 'ubman'. Signed-off-by: Simon Glass <sjg@chromium.org> Link: https://lore.kernel.org/u-boot/CAFLszTgPa4aT_J9h9pqeTtLCVn4x2JvLWRcWRD8NaN3uoSAtyA@mail.gmail.com/ 
This fixture name is quite long and results in lots of verbose code.
We know this is U-Boot so the 'u_boot_' part is not necessary.

But it is also a bit of a misnomer, since it provides access to all the
information available to tests. It is not just the console.

It would be too confusing to use con as it would be confused with
config and it is probably too short.

So shorten it to 'ubman'.

Signed-off-by: Simon Glass <sjg@chromium.org>
Link: https://lore.kernel.org/u-boot/CAFLszTgPa4aT_J9h9pqeTtLCVn4x2JvLWRcWRD8NaN3uoSAtyA@mail.gmail.com/
efi_loader: Fix EFI_VARIABLE_APPEND_WRITE hash check 2024-06-10T13:01:44+00:00 Weizhao Ouyang o451686892@gmail.com 2024-05-08T11:13:12+00:00 3b7d26eb2b88bf2be5a4a32ece1fca61b57e7721 According to UEFI v2.10 spec section 8.2.6, if a caller invokes the SetVariables() service, it will produce a digest from hash(VariableName, VendorGuid, Attributes, TimeStamp, DataNew_variable_content), then the firmware that implements the SetVariable() service will compare the digest with the result of applying the signer’s public key to the signature. For EFI variable append write, efitools sign-efi-sig-list has an option "-a" to add EFI_VARIABLE_APPEND_WRITE attr, and u-boot will drop this attribute in efi_set_variable_int(). So if a caller uses "sign-efi-sig-list -a" to create the authenticated variable, this append write will fail in the u-boot due to "hash check failed". This patch resumes writing the EFI_VARIABLE_APPEND_WRITE attr to ensure that the hash check is correct. And also update the "test_efi_secboot" test case to compliance with the change. Signed-off-by: Weizhao Ouyang <o451686892@gmail.com> 
According to UEFI v2.10 spec section 8.2.6, if a caller invokes the
SetVariables() service, it will produce a digest from hash(VariableName,
VendorGuid, Attributes, TimeStamp, DataNew_variable_content), then the
firmware that implements the SetVariable() service will compare the
digest with the result of applying the signer’s public key to the
signature. For EFI variable append write, efitools sign-efi-sig-list has
an option "-a" to add EFI_VARIABLE_APPEND_WRITE attr, and u-boot will
drop this attribute in efi_set_variable_int(). So if a caller uses
"sign-efi-sig-list -a" to create the authenticated variable, this append
write will fail in the u-boot due to "hash check failed".

This patch resumes writing the EFI_VARIABLE_APPEND_WRITE attr to ensure
that the hash check is correct. And also update the "test_efi_secboot"
test case to compliance with the change.

Signed-off-by: Weizhao Ouyang <o451686892@gmail.com>
efi_loader: improve error handling in try_load_entry() 2024-05-01T05:38:29+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2024-04-22T08:41:00+00:00 566f067349a8f6136cf62d907019efdf1e250ce5 The image is not unloaded if a security violation occurs. If efi_set_load_options() fails, we do not free the memory allocated for the optional data. We do not unload the image. * Unload the image if a security violation occurs. * Free load_options if efi_set_load_options() fails. * Unload the image if efi_set_load_options() fails. Fixes: 53f6a5aa8626 ("efi_loader: Replace config option for initrd loading") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The image is not unloaded if a security violation occurs.

If efi_set_load_options() fails, we do not free the memory allocated for
the optional data. We do not unload the image.

* Unload the image if a security violation occurs.
* Free load_options if efi_set_load_options() fails.
* Unload the image if efi_set_load_options() fails.

Fixes: 53f6a5aa8626 ("efi_loader: Replace config option for initrd loading")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
efi_loader: Boot var automatic management 2023-11-18T08:08:08+00:00 Raymond Mao raymond.mao@linaro.org 2023-11-10T04:25:37+00:00 550862bc1279278a029c8c17871a0c6241c522d8 Changes for complying to EFI spec §3.5.1.1 'Removable Media Boot Behavior'. Boot variables can be automatically generated during a removable media is probed. At the same time, unused boot variables will be detected and removed. Please note that currently the function 'efi_disk_remove' has no ability to distinguish below two scenarios a) Unplugging of a removable media under U-Boot b) U-Boot exiting and booting an OS Thus currently the boot variables management is not added into 'efi_disk_remove' to avoid boot options being added/erased repeatedly under scenario b) during power cycles See TODO comments under function 'efi_disk_remove' for more details The original efi_secboot tests expect that BootOrder EFI variable is not defined. With this commit, the BootOrder EFI variable is automatically added when the disk is detected. The original efi_secboot tests end up with unexpected failure. The efi_secboot tests need to be modified to explicitly set the BootOrder EFI variable. squashfs and erofs ls tests are also affected by this modification, need to clear the previous state before squashfs ls test starts. Co-developed-by: Masahisa Kojima <masahisa.kojima@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Signed-off-by: Raymond Mao <raymond.mao@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Changes for complying to EFI spec §3.5.1.1
'Removable Media Boot Behavior'.
Boot variables can be automatically generated during a removable
media is probed. At the same time, unused boot variables will be
detected and removed.

Please note that currently the function 'efi_disk_remove' has no
ability to distinguish below two scenarios
a) Unplugging of a removable media under U-Boot
b) U-Boot exiting and booting an OS
Thus currently the boot variables management is not added into
'efi_disk_remove' to avoid boot options being added/erased
repeatedly under scenario b) during power cycles
See TODO comments under function 'efi_disk_remove' for more details

The original efi_secboot tests expect that BootOrder EFI variable
is not defined. With this commit, the BootOrder EFI variable is
automatically added when the disk is detected. The original
efi_secboot tests end up with unexpected failure.
The efi_secboot tests need to be modified to explicitly set
the BootOrder EFI variable.

squashfs and erofs ls tests are also affected by this modification,
need to clear the previous state before squashfs ls test starts.

Co-developed-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
global: Use proper project name U-Boot 2023-06-12T11:24:31+00:00 Michal Simek michal.simek@amd.com 2023-05-17T07:17:16+00:00 1be82afa807cc3cfacab29e3de0975d2cd99fa5d Use proper project name in comments, Kconfig, readmes. Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Qu Wenruo <wqu@suse.com> Signed-off-by: Michal Simek <michal.simek@amd.com> Link: https://lore.kernel.org/r/0dbdf0432405c1c38ffca55703b6737a48219e79.1684307818.git.michal.simek@amd.com 
Use proper project name in comments, Kconfig, readmes.

Reviewed-by: Neil Armstrong <neil.armstrong@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Link: https://lore.kernel.org/r/0dbdf0432405c1c38ffca55703b6737a48219e79.1684307818.git.michal.simek@amd.com
test: fix pydoc issues for EFI tests 2023-05-04T07:57:43+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2023-05-03T05:08:05+00:00 bd730aa05baf1a6c5e61dc1f2e38b48f48a06b05 Fix issues reported by pydocstyle. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Fix issues reported by pydocstyle.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
test/py: efi_secboot: Remove unnecessary cert-to-efi-hash-list option 2022-11-06T09:50:04+00:00 Masahisa Kojima masahisa.kojima@linaro.org 2022-10-03T07:12:15+00:00 0b4cbeba593058104349a437ceb4d615e99b4019 'cert-to-efi-hash-list -t 0' does not work as expected, it produces indeterminate timestamp. $ cert-to-efi-hash-list -t 0 -s 256 db.crt dbx_hash.crl TimeOfRevocation is 0-113-0 00:00:255 If we need the CRL revoked for all the time, just don't specify '-t' option. $ cert-to-efi-hash-list -s 256 db.crt dbx_hash.crl TimeOfRevocation is 0-0-0 00:00:00 Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
'cert-to-efi-hash-list -t 0' does not work as expected, it produces
indeterminate timestamp.

  $ cert-to-efi-hash-list -t 0 -s 256 db.crt dbx_hash.crl
  TimeOfRevocation is 0-113-0 00:00:255

If we need the CRL revoked for all the time, just don't specify
'-t' option.

  $ cert-to-efi-hash-list -s 256 db.crt dbx_hash.crl
  TimeOfRevocation is 0-0-0 00:00:00

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
test: fix some pylint errors in test_efi_secboot 2022-10-06T20:54:57+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-10-01T18:55:14+00:00 874490c7ec7a05a429b951720f11a3b966ec0572 * Remove unused import * Provide module docstring Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
* Remove unused import
* Provide module docstring

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>