From: Eddie James <eajames@linux.ibm.com>
To: u-boot@lists.denx.de
Cc: ilias.apalodimas@linaro.org, sjg@chromium.org,
xypron.glpk@gmx.de, eajames@linux.ibm.com
Subject: [PATCH v12 5/8] test: Add sandbox TPM boot measurement
Date: Thu, 12 Oct 2023 09:45:48 -0500 [thread overview]
Message-ID: <20231012144551.679551-6-eajames@linux.ibm.com> (raw)
In-Reply-To: <20231012144551.679551-1-eajames@linux.ibm.com>
Use the sandbox TPM driver to measure some boot images in a unit
test case.
Signed-off-by: Eddie James <eajames@linux.ibm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes since v5:
- Only compile in the measurement u-boot command when
CONFIG_MEASURED_BOOT is enabled.
arch/sandbox/dts/sandbox.dtsi | 13 +++++++
arch/sandbox/dts/test.dts | 13 +++++++
configs/sandbox_defconfig | 1 +
include/test/suites.h | 1 +
test/boot/Makefile | 1 +
test/boot/measurement.c | 66 +++++++++++++++++++++++++++++++++++
test/cmd_ut.c | 4 +++
7 files changed, 99 insertions(+)
create mode 100644 test/boot/measurement.c
diff --git a/arch/sandbox/dts/sandbox.dtsi b/arch/sandbox/dts/sandbox.dtsi
index ff7e5584c5..241f397ba6 100644
--- a/arch/sandbox/dts/sandbox.dtsi
+++ b/arch/sandbox/dts/sandbox.dtsi
@@ -4,11 +4,23 @@
* and sandbox64 builds.
*/
+#include <config.h>
#include <dt-bindings/input/input.h>
#define USB_CLASS_HUB 9
/ {
+ reserved-memory {
+ #address-cells = <1>;
+ #size-cells = <1>;
+ ranges;
+
+ event_log: tcg_event_log {
+ no-map;
+ reg = <(CFG_SYS_SDRAM_SIZE - 0x2000) 0x2000>;
+ };
+ };
+
binman {
};
@@ -342,6 +354,7 @@
tpm2 {
compatible = "sandbox,tpm2";
+ memory-region = <&event_log>;
};
triangle {
diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts
index 9a863ea732..bb2ddd9bf2 100644
--- a/arch/sandbox/dts/test.dts
+++ b/arch/sandbox/dts/test.dts
@@ -9,6 +9,7 @@
/dts-v1/;
+#include <config.h>
#include <dt-bindings/gpio/gpio.h>
#include <dt-bindings/gpio/sandbox-gpio.h>
#include <dt-bindings/input/input.h>
@@ -68,6 +69,17 @@
osd0 = "/osd";
};
+ reserved-memory {
+ #address-cells = <1>;
+ #size-cells = <1>;
+ ranges;
+
+ event_log: tcg_event_log {
+ no-map;
+ reg = <(CFG_SYS_SDRAM_SIZE - 0x2000) 0x2000>;
+ };
+ };
+
binman: binman {
};
@@ -1422,6 +1434,7 @@
tpm2 {
compatible = "sandbox,tpm2";
+ memory-region = <&event_log>;
};
tpm {
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index d667cb9ae4..12c387a77e 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -349,3 +349,4 @@ CONFIG_UNIT_TEST=y
CONFIG_UT_TIME=y
CONFIG_UT_DM=y
CONFIG_ARM_FFA_TRANSPORT=y
+CONFIG_MEASURED_BOOT=y
diff --git a/include/test/suites.h b/include/test/suites.h
index 1c7dc65966..48ed549c13 100644
--- a/include/test/suites.h
+++ b/include/test/suites.h
@@ -45,6 +45,7 @@ int do_ut_font(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_lib(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_loadm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_log(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]);
+int do_ut_measurement(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]);
int do_ut_mem(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_optee(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_overlay(struct cmd_tbl *cmdtp, int flag, int argc,
diff --git a/test/boot/Makefile b/test/boot/Makefile
index 52947580ae..068522cb9e 100644
--- a/test/boot/Makefile
+++ b/test/boot/Makefile
@@ -4,6 +4,7 @@
obj-$(CONFIG_BOOTSTD) += bootdev.o bootstd_common.o bootflow.o bootmeth.o
obj-$(CONFIG_FIT) += image.o
+obj-$(CONFIG_MEASURED_BOOT) += measurement.o
obj-$(CONFIG_EXPO) += expo.o
obj-$(CONFIG_CEDIT) += cedit.o
diff --git a/test/boot/measurement.c b/test/boot/measurement.c
new file mode 100644
index 0000000000..9db2ed324c
--- /dev/null
+++ b/test/boot/measurement.c
@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Test for measured boot functions
+ *
+ * Copyright 2023 IBM Corp.
+ * Written by Eddie James <eajames@linux.ibm.com>
+ */
+
+#include <common.h>
+#include <bootm.h>
+#include <malloc.h>
+#include <test/suites.h>
+#include <test/test.h>
+#include <test/ut.h>
+#include <asm/io.h>
+
+#define MEASUREMENT_TEST(_name, _flags) \
+ UNIT_TEST(_name, _flags, measurement_test)
+
+static int measure(struct unit_test_state *uts)
+{
+ struct bootm_headers images;
+ const size_t size = 1024;
+ u8 *kernel;
+ u8 *initrd;
+ size_t i;
+
+ kernel = malloc(size);
+ initrd = malloc(size);
+
+ images.os.image_start = map_to_sysmem(kernel);
+ images.os.image_len = size;
+
+ images.rd_start = map_to_sysmem(initrd);
+ images.rd_end = images.rd_start + size;
+
+ images.ft_addr = malloc(size);
+ images.ft_len = size;
+
+ env_set("bootargs", "measurement testing");
+
+ for (i = 0; i < size; ++i) {
+ kernel[i] = 0xf0 | (i & 0xf);
+ initrd[i] = (i & 0xf0) | 0xf;
+ images.ft_addr[i] = i & 0xff;
+ }
+
+ ut_assertok(bootm_measure(&images));
+
+ free(images.ft_addr);
+ free(initrd);
+ free(kernel);
+
+ return 0;
+}
+MEASUREMENT_TEST(measure, 0);
+
+int do_ut_measurement(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
+{
+ struct unit_test *tests = UNIT_TEST_SUITE_START(measurement_test);
+ const int n_ents = UNIT_TEST_SUITE_COUNT(measurement_test);
+
+ return cmd_ut_category("measurement", "measurement_test_", tests,
+ n_ents, argc, argv);
+}
diff --git a/test/cmd_ut.c b/test/cmd_ut.c
index 0f56409e80..e87adcb71e 100644
--- a/test/cmd_ut.c
+++ b/test/cmd_ut.c
@@ -99,6 +99,10 @@ static struct cmd_tbl cmd_ut_sub[] = {
#if CONFIG_IS_ENABLED(UT_UNICODE) && !defined(API_BUILD)
U_BOOT_CMD_MKENT(unicode, CONFIG_SYS_MAXARGS, 1, do_ut_unicode, "", ""),
#endif
+#ifdef CONFIG_MEASURED_BOOT
+ U_BOOT_CMD_MKENT(measurement, CONFIG_SYS_MAXARGS, 1, do_ut_measurement,
+ "", ""),
+#endif
#ifdef CONFIG_SANDBOX
U_BOOT_CMD_MKENT(compression, CONFIG_SYS_MAXARGS, 1, do_ut_compression,
"", ""),
--
2.39.3
next prev parent reply other threads:[~2023-10-12 14:50 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-12 14:45 [PATCH v12 0/8] tpm: Support boot measurements Eddie James
2023-10-12 14:45 ` [PATCH v12 1/8] tpm: Fix spelling for tpmu_ha union Eddie James
2023-10-12 14:45 ` [PATCH v12 2/8] tpm: sandbox: Update for needed TPM2 capabilities Eddie James
2023-10-12 14:45 ` [PATCH v12 3/8] tpm: Support boot measurements Eddie James
2023-10-12 14:45 ` [PATCH v12 4/8] bootm: Support boot measurement Eddie James
2023-10-12 14:45 ` Eddie James [this message]
2023-10-13 17:22 ` [PATCH v12 5/8] test: Add sandbox TPM " Ilias Apalodimas
2023-10-19 13:29 ` Eddie James
2023-10-19 13:33 ` Ilias Apalodimas
2023-10-12 14:45 ` [PATCH v12 6/8] doc: Add measured boot documentation Eddie James
2023-10-12 15:29 ` Simon Glass
2023-10-19 16:13 ` Eddie James
2023-10-12 14:45 ` [PATCH v12 7/8] efi_loader: fix EFI_ENTRY point on get_active_pcr_banks Eddie James
2023-10-12 14:45 ` [PATCH v12 8/8] test: use a non system PCR for testing PCR extend Eddie James
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231012144551.679551-6-eajames@linux.ibm.com \
--to=eajames@linux.ibm.com \
--cc=ilias.apalodimas@linaro.org \
--cc=sjg@chromium.org \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.