From 6c66ccf26ccca70bfcd94b43fbe6523f7564d214 Mon Sep 17 00:00:00 2001 From: Neha Malcom Francis Date: Sat, 22 Jul 2023 00:14:24 +0530 Subject: binman: ti-board-config: Add support for TI board config binaries The ti-board-config entry loads and validates a given YAML config file against a given schema, and generates the board config binary. K3 devices require these binaries to be packed into the final system firmware images. Reviewed-by: Simon Glass Signed-off-by: Neha Malcom Francis --- tools/binman/ftest.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'tools/binman/ftest.py') diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index e53181afb78..5a3226e3cb0 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -97,6 +97,7 @@ ENV_DATA = b'var1=1\nvar2="2"' PRE_LOAD_MAGIC = b'UBSH' PRE_LOAD_VERSION = 0x11223344.to_bytes(4, 'big') PRE_LOAD_HDR_SIZE = 0x00001000.to_bytes(4, 'big') +TI_BOARD_CONFIG_DATA = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' # Subdirectory of the input dir to use to put test FDTs TEST_FDT_SUBDIR = 'fdts' @@ -199,6 +200,9 @@ class TestFunctional(unittest.TestCase): shutil.copytree(cls.TestFile('files'), os.path.join(cls._indir, 'files')) + shutil.copytree(cls.TestFile('yaml'), + os.path.join(cls._indir, 'yaml')) + TestFunctional._MakeInputFile('compress', COMPRESS_DATA) TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG) TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA) @@ -6884,6 +6888,22 @@ fdt fdtmap Extract the devicetree blob from the fdtmap # Move to next spl_data = content[:0x18] + def testTIBoardConfig(self): + """Test that a schema validated board config file can be generated""" + data = self._DoReadFile('277_ti_board_cfg.dts') + self.assertEqual(TI_BOARD_CONFIG_DATA, data) + + def testTIBoardConfigCombined(self): + """Test that a schema validated combined board config file can be generated""" + data = self._DoReadFile('278_ti_board_cfg_combined.dts') + configlen_noheader = TI_BOARD_CONFIG_DATA * 4 + self.assertGreater(data, configlen_noheader) + + def testTIBoardConfigNoDataType(self): + """Test that error is thrown when data type is not supported""" + with self.assertRaises(ValueError) as e: + data = self._DoReadFile('279_ti_board_cfg_no_type.dts') + self.assertIn("Schema validation error", str(e.exception)) if __name__ == "__main__": unittest.main() -- cgit v1.2.3 From 78144826bb8209df0a703a4a0dd88f7b57ad12cb Mon Sep 17 00:00:00 2001 From: Neha Malcom Francis Date: Sat, 22 Jul 2023 00:14:25 +0530 Subject: binman: ti-secure: Add support for TI signing The ti-secure entry contains certificate for binaries that will be loaded or booted by system firmware whereas the ti-secure-rom entry contains certificate for binaries that will be booted by ROM. Support for both these types of certificates is necessary for booting of K3 devices. Reviewed-by: Simon Glass [vigneshr@ti.com: fixed inconsist cert generation by multiple packing] Signed-off-by: Vignesh Raghavendra Signed-off-by: Neha Malcom Francis --- tools/binman/ftest.py | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'tools/binman/ftest.py') diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index 5a3226e3cb0..5b136238e67 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -98,6 +98,7 @@ PRE_LOAD_MAGIC = b'UBSH' PRE_LOAD_VERSION = 0x11223344.to_bytes(4, 'big') PRE_LOAD_HDR_SIZE = 0x00001000.to_bytes(4, 'big') TI_BOARD_CONFIG_DATA = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' +TI_UNSECURE_DATA = b'unsecuredata' # Subdirectory of the input dir to use to put test FDTs TEST_FDT_SUBDIR = 'fdts' @@ -211,6 +212,7 @@ class TestFunctional(unittest.TestCase): TestFunctional._MakeInputFile('fw_dynamic.bin', OPENSBI_DATA) TestFunctional._MakeInputFile('scp.bin', SCP_DATA) TestFunctional._MakeInputFile('rockchip-tpl.bin', ROCKCHIP_TPL_DATA) + TestFunctional._MakeInputFile('ti_unsecure.bin', TI_UNSECURE_DATA) # Add a few .dtb files for testing TestFunctional._MakeInputFile('%s/test-fdt1.dtb' % TEST_FDT_SUBDIR, @@ -6905,5 +6907,55 @@ fdt fdtmap Extract the devicetree blob from the fdtmap data = self._DoReadFile('279_ti_board_cfg_no_type.dts') self.assertIn("Schema validation error", str(e.exception)) + def testPackTiSecure(self): + """Test that an image with a TI secured binary can be created""" + keyfile = self.TestFile('key.key') + entry_args = { + 'keyfile': keyfile, + } + data = self._DoReadFileDtb('279_ti_secure.dts', + entry_args=entry_args)[0] + self.assertGreater(len(data), len(TI_UNSECURE_DATA)) + + def testPackTiSecureMissingTool(self): + """Test that an image with a TI secured binary (non-functional) can be created + when openssl is missing""" + keyfile = self.TestFile('key.key') + entry_args = { + 'keyfile': keyfile, + } + with test_util.capture_sys_output() as (_, stderr): + self._DoTestFile('279_ti_secure.dts', + force_missing_bintools='openssl', + entry_args=entry_args) + err = stderr.getvalue() + self.assertRegex(err, "Image 'image'.*missing bintools.*: openssl") + + def testPackTiSecureROM(self): + """Test that a ROM image with a TI secured binary can be created""" + keyfile = self.TestFile('key.key') + entry_args = { + 'keyfile': keyfile, + } + data = self._DoReadFileDtb('280_ti_secure_rom.dts', + entry_args=entry_args)[0] + data_a = self._DoReadFileDtb('288_ti_secure_rom_a.dts', + entry_args=entry_args)[0] + data_b = self._DoReadFileDtb('289_ti_secure_rom_b.dts', + entry_args=entry_args)[0] + self.assertGreater(len(data), len(TI_UNSECURE_DATA)) + self.assertGreater(len(data_a), len(TI_UNSECURE_DATA)) + self.assertGreater(len(data_b), len(TI_UNSECURE_DATA)) + + def testPackTiSecureROMCombined(self): + """Test that a ROM image with a TI secured binary can be created""" + keyfile = self.TestFile('key.key') + entry_args = { + 'keyfile': keyfile, + } + data = self._DoReadFileDtb('281_ti_secure_rom_combined.dts', + entry_args=entry_args)[0] + self.assertGreater(len(data), len(TI_UNSECURE_DATA)) + if __name__ == "__main__": unittest.main() -- cgit v1.2.3 From 15432ea611e637872afd743e0261c087ccd5768a Mon Sep 17 00:00:00 2001 From: Andrew Davis Date: Sat, 22 Jul 2023 00:14:44 +0530 Subject: binman: Overwrite symlink if it already exists Without this re-building will fail with an error when trying to create the symlink for the second time with an already exists error. Signed-off-by: Andrew Davis [n-francis@ti.com: Added support for test output dir and testcase] Signed-off-by: Neha Malcom Francis --- tools/binman/ftest.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'tools/binman/ftest.py') diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index 5b136238e67..3e8091e8326 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -353,7 +353,7 @@ class TestFunctional(unittest.TestCase): use_expanded=False, verbosity=None, allow_missing=False, allow_fake_blobs=False, extra_indirs=None, threads=None, test_section_timeout=False, update_fdt_in_elf=None, - force_missing_bintools='', ignore_missing=False): + force_missing_bintools='', ignore_missing=False, output_dir=None): """Run binman with a given test file Args: @@ -384,6 +384,7 @@ class TestFunctional(unittest.TestCase): update_fdt_in_elf: Value to pass with --update-fdt-in-elf=xxx force_missing_tools (str): comma-separated list of bintools to regard as missing + output_dir: Specific output directory to use for image using -O Returns: int return code, 0 on success @@ -430,6 +431,8 @@ class TestFunctional(unittest.TestCase): if extra_indirs: for indir in extra_indirs: args += ['-I', indir] + if output_dir: + args += ['-O', output_dir] return self._DoBinman(*args) def _SetupDtb(self, fname, outfile='u-boot.dtb'): @@ -6174,7 +6177,7 @@ fdt fdtmap Extract the devicetree blob from the fdtmap str(e.exception)) def testSymlink(self): - """Test that image files can be named""" + """Test that image files can be symlinked""" retcode = self._DoTestFile('259_symlink.dts', debug=True, map=True) self.assertEqual(0, retcode) image = control.images['test_image'] @@ -6183,6 +6186,17 @@ fdt fdtmap Extract the devicetree blob from the fdtmap self.assertTrue(os.path.islink(sname)) self.assertEqual(os.readlink(sname), fname) + def testSymlinkOverwrite(self): + """Test that symlinked images can be overwritten""" + testdir = TestFunctional._MakeInputDir('symlinktest') + self._DoTestFile('259_symlink.dts', debug=True, map=True, output_dir=testdir) + # build the same image again in the same directory so that existing symlink is present + self._DoTestFile('259_symlink.dts', debug=True, map=True, output_dir=testdir) + fname = tools.get_output_filename('test_image.bin') + sname = tools.get_output_filename('symlink_to_test.bin') + self.assertTrue(os.path.islink(sname)) + self.assertEqual(os.readlink(sname), fname) + def testSymbolsElf(self): """Test binman can assign symbols embedded in an ELF file""" if not elf.ELF_TOOLS: -- cgit v1.2.3