[PATCH 5/5] dm: test: Add a test for security driver

[seanedmond@linux.microsoft.com]

From: Sean Edmond <seanedmond@microsoft.com>

Adds a test for a sandbox and TPM backed security driver.

Allows for testing of anti-rollback version number get/set API using the
security driver.

Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
---
 arch/sandbox/dts/test.dts |  8 ++++
 configs/sandbox_defconfig |  3 ++
 test/dm/Makefile          |  1 +
 test/dm/security.c        | 78 +++++++++++++++++++++++++++++++++++++++
 4 files changed, 90 insertions(+)
 create mode 100644 test/dm/security.c

diff --git a/arch/sandbox/dts/test.dts b/arch/sandbox/dts/test.dts
index f351d5cb84..c87298cd46 100644
--- a/arch/sandbox/dts/test.dts
+++ b/arch/sandbox/dts/test.dts
@@ -1263,6 +1263,14 @@
 		backlight = <&backlight 0 100>;
 	};
 
+	security@0 {
+		compatible = "sandbox,security";
+	};
+
+	security@1 {
+		compatible = "tpm,security";
+	};
+
 	scsi {
 		compatible = "sandbox,scsi";
 		sandbox,filepath = "scsi.img";
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index 1cd1c2ed7c..546873b049 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -346,3 +346,6 @@ CONFIG_UNIT_TEST=y
 CONFIG_UT_TIME=y
 CONFIG_UT_DM=y
 CONFIG_ARM_FFA_TRANSPORT=y
+CONFIG_DM_SECURITY=y
+CONFIG_SECURITY_SANDBOX=y
+CONFIG_SECURITY_TPM=y
\ No newline at end of file
diff --git a/test/dm/Makefile b/test/dm/Makefile
index 7ed00733c1..d0583c0332 100644
--- a/test/dm/Makefile
+++ b/test/dm/Makefile
@@ -104,6 +104,7 @@ obj-$(CONFIG_DM_RNG) += rng.o
 obj-$(CONFIG_DM_RTC) += rtc.o
 obj-$(CONFIG_SCMI_FIRMWARE) += scmi.o
 obj-$(CONFIG_SCSI) += scsi.o
+obj-$(CONFIG_DM_SECURITY) += security.o
 obj-$(CONFIG_DM_SERIAL) += serial.o
 obj-$(CONFIG_DM_SPI_FLASH) += sf.o
 obj-$(CONFIG_SIMPLE_BUS) += simple-bus.o
diff --git a/test/dm/security.c b/test/dm/security.c
new file mode 100644
index 0000000000..a388a80096
--- /dev/null
+++ b/test/dm/security.c
@@ -0,0 +1,78 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright 2023 Microsoft Corporation
+ * Written by Sean Edmond <seanedmond@microsoft.com>
+ */
+
+#include <common.h>
+#include <dm.h>
+#include <dm-security.h>
+#include <log.h>
+#include <dm/test.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+/*
+ * get_security() - Get a security driver of a given driver name
+ *
+ * @devp: Returns the security device
+ * @driver_name: Driver name to find
+ * Returns: 0 if OK, -ENODEV if not found
+ */
+static int get_security(struct udevice **devp, char *driver_name)
+{
+	struct udevice *dev;
+
+	uclass_foreach_dev_probe(UCLASS_SECURITY, dev) {
+		if (strcmp(dev->driver->name, driver_name) == 0) {
+			*devp = dev;
+			return 0;
+		}
+	}
+
+	return -ENODEV;
+}
+
+/* Basic test of security driver Anti rollback version number read/write */
+static int test_security_arbvn(struct unit_test_state *uts, char *driver_name)
+{
+	struct udevice *dev;
+	uint64_t arbvn;
+
+	/* get the security driver */
+	ut_assertok(get_security(&dev, driver_name));
+
+	/* ensure initial value is 0 */
+	dm_security_arbvn_get(dev, &arbvn);
+	ut_asserteq(0, arbvn);
+
+	/* write 1 and ensure it's read back */
+	dm_security_arbvn_set(dev, 1);
+	dm_security_arbvn_get(dev, &arbvn);
+	ut_asserteq(1, arbvn);
+
+	/* write all ones and ensure it's read back */
+	dm_security_arbvn_set(dev, 0xffffffffffffffffULL);
+	dm_security_arbvn_get(dev, &arbvn);
+	ut_asserteq(0xffffffffffffffffULL, arbvn);
+
+	return 0;
+}
+
+static int dm_test_security_sandbox(struct unit_test_state *uts)
+{
+	ut_assertok(test_security_arbvn(uts, "security_sandbox"));
+
+	return 0;
+}
+
+DM_TEST(dm_test_security_sandbox, UT_TESTF_SCAN_FDT);
+
+static int dm_test_security_tpm(struct unit_test_state *uts)
+{
+	ut_assertok(test_security_arbvn(uts, "security_tpm"));
+
+	return 0;
+}
+
+DM_TEST(dm_test_security_tpm, UT_TESTF_SCAN_FDT);
-- 
2.40.0