u-boot.git/test, branch v2022.04-rc2 Unnamed repository; edit this file 'description' to name the repository. Merge tag 'efi-2022-04-rc2-4' of https://source.denx.de/u-boot/custodians/u-boot-efi 2022-02-11T20:11:52+00:00 Tom Rini trini@konsulko.com 2022-02-11T20:07:49+00:00 162c22bfbc4141f22937c6bc37aa02fd4621e76c Pull request for efi-2022-04-rc2-4 Documentation: * mkeficapsule man-page UEFI changes: * add support for signing images to mkeficapsule * add support for user define capsule GUID * adjust unit tests for capsules * fix UEFI image signature validation in case of multiple signatures 
Pull request for efi-2022-04-rc2-4

Documentation:

* mkeficapsule man-page

UEFI changes:

* add support for signing images to mkeficapsule
* add support for user define capsule GUID
* adjust unit tests for capsules
* fix UEFI image signature validation in case of multiple signatures
test/py: efi_secboot: adjust secure boot tests to code changes 2022-02-11T19:07:55+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2022-02-11T07:37:50+00:00 72b509b7019878e2a5f69bcf7198a0927a77ad60 The previous patch is changing U-Boot's behavior wrt certificate based binary authentication. Specifically an image who's digest of a certificate is found in dbx is now rejected. Fix the test accordingly and add another one testing signatures in reverse order Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The previous patch is changing U-Boot's behavior wrt certificate based
binary authentication.  Specifically an image who's digest of a
certificate is found in dbx is now rejected.  Fix the test accordingly
and add another one testing signatures in reverse order

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
test/py: efi_capsule: check the results in case of CAPSULE_AUTHENTICATE 2022-02-11T19:07:55+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-02-09T10:10:42+00:00 e012550cd7d6cde866b848cf3a0543ce50204a07 Before the capsule authentication is supported, this test script works correctly, but with the feature enabled, most tests will fail due to unsigned capsules. So check the results depending on CAPSULE_AUTHENTICATE or not. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> 
Before the capsule authentication is supported, this test script works
correctly, but with the feature enabled, most tests will fail due to
unsigned capsules.
So check the results depending on CAPSULE_AUTHENTICATE or not.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
test/py: efi_capsule: add a test for "--guid" option 2022-02-11T19:07:55+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-02-09T10:10:41+00:00 e9b74979b462f56569d40b431d2c8799ef7f5f69 This test scenario tests a new feature of mkeficapsule, "--guid" option, which allows us to specify FMP driver's guid explicitly at the command line. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> 
This test scenario tests a new feature of mkeficapsule, "--guid" option,
which allows us to specify FMP driver's guid explicitly at the command
line.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
test/py: efi_capsule: align with the syntax change of mkeficapsule 2022-02-11T19:07:55+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-02-09T10:10:40+00:00 460c94a2c732db3eab14a39f70e280a3a3ad65e0 Since the syntax of mkeficapsule was changed in the previous commit, we need to modify command line arguments in a pytest script. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> 
Since the syntax of mkeficapsule was changed in the previous commit,
we need to modify command line arguments in a pytest script.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
test/py: efi_capsule: add image authentication test 2022-02-11T19:07:55+00:00 AKASHI Takahiro takahiro.akashi@linaro.org 2022-02-09T10:10:38+00:00 bad58cb308acdf739e855e3336dfdf1a8d7b08a4 Add a couple of test cases against capsule image authentication for capsule-on-disk, where only a signed capsule file with the verified signature will be applied to the system. Due to the difficulty of embedding a public key (esl file) in U-Boot binary during pytest setup time, all the keys/certificates are pre-created. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Add a couple of test cases against capsule image authentication
for capsule-on-disk, where only a signed capsule file with the verified
signature will be applied to the system.

Due to the difficulty of embedding a public key (esl file) in U-Boot
binary during pytest setup time, all the keys/certificates are pre-created.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
test: test field truncation in snprint() 2022-02-11T16:29:23+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-01-29T15:33:16+00:00 73cde90c8badbeba32524c2708d26fea805fba1e The output size for snprint() should not only be respected for whole fields but also with fields. Add more tests. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
The output size for snprint() should not only be respected for whole fields
but also with fields. Add more tests.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
test/py: Add test case for mkimage -o argument 2022-02-11T15:52:24+00:00 Jan Kiszka jan.kiszka@siemens.com 2022-02-03T20:43:50+00:00 7ace56ae0321a0333d333df40e1e02aa17fa2dae Stress the '-o algo_name' argument of mkimage by expanding the vboot test. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: Update scripts/pylint.base] 
Stress the '-o algo_name' argument of mkimage by expanding the vboot
test.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Update scripts/pylint.base]
test: test UTF-16 truncation in snprintf() 2022-02-05T19:20:01+00:00 Heinrich Schuchardt heinrich.schuchardt@canonical.com 2022-01-29T17:28:08+00:00 c672dd770ee0d9874086543c20a9088124514051 Check that snprintf() returns the correct required buffer length and prints the correct string for UTF-16 strings. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> 
Check that snprintf() returns the correct required buffer length and prints
the correct string for UTF-16 strings.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
treewide: Use 16-bit Unicode strings 2022-02-03T20:53:28+00:00 Simon Glass sjg@chromium.org 2022-01-23T19:55:14+00:00 5b9a5b2b966bf738ca4115a9dca52d0dc9f2710d At present we use wide characters for Unicode but this is not necessary. Change the code to use the 'u' literal instead. This helps to fix build warnings for sandbox on the Raspberry Pi. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> 
At present we use wide characters for Unicode but this is not necessary.
Change the code to use the 'u' literal instead. This helps to fix build
warnings for sandbox on the Raspberry Pi.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>