From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: u-boot@lists.denx.de
Subject: [PATCH] test/py: efi_secboot: fix Test Case 6c
Date: Fri, 17 Jul 2020 14:57:28 +0900 [thread overview]
Message-ID: <20200717055728.GA31456@laputa> (raw)
In-Reply-To: <ecccf2fe-4f17-105b-761a-ebe958dd0f20@gmx.de>
Heinrich,
On Fri, Jul 17, 2020 at 07:55:03AM +0200, Heinrich Schuchardt wrote:
> On 10.07.20 02:27, AKASHI Takahiro wrote:
> > As the commit cb7116030aff ("efi_loader: time based authentication")
> > fixed the timestamp handling, Test Case 6c has no longer worked as
> > expected.
> > So adjust the timestamp of "dbx" variable.
> >
> > Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> > ---
> > test/py/tests/test_efi_secboot/conftest.py | 4 +++-
> > test/py/tests/test_efi_secboot/test_signed.py | 2 --
> > 2 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/test/py/tests/test_efi_secboot/conftest.py b/test/py/tests/test_efi_secboot/conftest.py
> > index 94c50f6cf7ca..b74640240318 100644
> > --- a/test/py/tests/test_efi_secboot/conftest.py
> > +++ b/test/py/tests/test_efi_secboot/conftest.py
> > @@ -141,7 +141,9 @@ def efi_boot_env(request, u_boot_config):
> > check_call('cd %s; %shash-to-efi-sig-list helloworld.efi.signed db_hello_signed.hash; %ssign-efi-sig-list -c KEK.crt -k KEK.key db db_hello_signed.hash db_hello_signed.auth'
> > % (mnt_point, EFITOOLS_PATH, EFITOOLS_PATH),
> > shell=True)
> > - check_call('cd %s; %ssign-efi-sig-list -c KEK.crt -k KEK.key dbx db_hello_signed.hash dbx_hello_signed.auth'
> > + # 'sleep 2' here because timestamp should be newer than dbx_db.auth
> > + # See Test Case 6c
> > + check_call('cd %s; sleep 2; %ssign-efi-sig-list -c KEK.crt -k KEK.key dbx db_hello_signed.hash dbx_hello_signed.auth'
>
I will drop this patch, and
> We should not use sleep in tests except when testing time related
> routines. sign-efi-sig-list has a -t parameter for time stamps.
I have already fixed this issue in other tests as well.
Let's discuss locally.
-Takahiro Akashi
>
> See patch bc246c69aecea1
> test: correct time stamps for UEFI authentication
>
> Best regards
>
> Heinrich
>
> > % (mnt_point, EFITOOLS_PATH),
> > shell=True)
> >
> > diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py
> > index 7531bbac6a5f..8b1e132c756c 100644
> > --- a/test/py/tests/test_efi_secboot/test_signed.py
> > +++ b/test/py/tests/test_efi_secboot/test_signed.py
> > @@ -237,8 +237,6 @@ class TestEfiSignedImage(object):
> > with u_boot_console.log.section('Test Case 6c'):
> > # Test Case 6c, rejected by image's digest in dbx
> > output = u_boot_console.run_command_list([
> > - 'fatload host 0:1 4000000 db.auth',
> > - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
> > 'fatload host 0:1 4000000 dbx_hello_signed.auth',
> > 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx'])
> > assert 'Failed to set EFI variable' not in ''.join(output)
> >
>
prev parent reply other threads:[~2020-07-17 5:57 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-10 0:27 [PATCH] test/py: efi_secboot: fix Test Case 6c AKASHI Takahiro
2020-07-17 5:55 ` Heinrich Schuchardt
2020-07-17 5:57 ` AKASHI Takahiro [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200717055728.GA31456@laputa \
--to=takahiro.akashi@linaro.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.