forked from wolfSSL/wolfBoot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest.mk
331 lines (285 loc) · 10.5 KB
/
test.mk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
TEST_UPDATE_VERSION?=2
WOLFBOOT_VERSION?=0
EXPVER=tools/test-expect-version/test-expect-version
SPI_CHIP=SST25VF080B
SIGN_TOOL=/bin/false
SPI_OPTIONS=SPI_FLASH=1 WOLFBOOT_PARTITION_SIZE=0x80000 WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x00000 WOLFBOOT_PARTITION_SWAP_ADDRESS=0x80000
ifeq ($(SIGN),ED25519)
SIGN_TOOL=tools/keytools/sign.py --ed25519
endif
ifeq ($(SIGN),ECC256)
SIGN_TOOL=tools/keytools/sign.py --ecc256
endif
ifeq ($(SIGN),RSA2048)
SIGN_TOOL=tools/keytools/sign.py --rsa2048
endif
ifeq ($(SIGN),RSA4096)
SIGN_TOOL=tools/keytools/sign.py --rsa4096
endif
ifeq ($(HASH),SHA256)
SIGN_TOOL+= --sha256
endif
ifeq ($(HASH),SHA3)
SIGN_TOOL+= --sha3
endif
$(EXPVER):
make -C tools/test-expect-version
# Testbed actions
#
#
#
testbed-on: FORCE
@if ! (test -d /sys/class/gpio/gpio4); then echo "4" > /sys/class/gpio/export || true; fi
@echo "out" >/sys/class/gpio/gpio4/direction
@echo "0" >/sys/class/gpio/gpio4/value || true
@echo "Testbed on."
testbed-off: FORCE
@if ! (test -d /sys/class/gpio/gpio4); then echo "4" > /sys/class/gpio/export || true; fi
@echo "out" >/sys/class/gpio/gpio4/direction
@echo "1" >/sys/class/gpio/gpio4/value || true
@echo "Testbed off."
test-reset: FORCE
@(sleep 1 && make testbed-off && sleep 1 && make testbed-on) &
test-spi-on: FORCE
@make testbed-off
@echo "7" >/sys/class/gpio/unexport || true
@echo "8" >/sys/class/gpio/unexport || true
@echo "9" >/sys/class/gpio/unexport || true
@echo "10" >/sys/class/gpio/unexport || true
@echo "11" >/sys/class/gpio/unexport || true
@modprobe spi_bcm2835
@modprobe spidev
test-spi-off: FORCE
@rmmod spi_bcm2835
@rmmod spidev
@echo "7" >/sys/class/gpio/export
@echo "8" >/sys/class/gpio/export
@echo "9" >/sys/class/gpio/export
@echo "10" >/sys/class/gpio/export
@echo "11" >/sys/class/gpio/export
@echo "in" >/sys/class/gpio/gpio8/direction
@echo "in" >/sys/class/gpio/gpio9/direction
@echo "in" >/sys/class/gpio/gpio10/direction
@echo "in" >/sys/class/gpio/gpio11/direction
@make testbed-on
test-tpm-off: FORCE
@if ! (test -d /sys/class/gpio/gpio7); then echo "7" > /sys/class/gpio/export || true; fi
@echo "out" >/sys/class/gpio/gpio7/direction
@echo "1" >/sys/class/gpio/gpio7/value || true
test-tpm-on: FORCE
@echo "7" >/sys/class/gpio/unexport || true
test-update: test-app/image.bin FORCE
@dd if=/dev/zero bs=131067 count=1 2>/dev/null | tr "\000" "\377" > test-update.bin
@python3 $(SIGN_TOOL) test-app/image.bin $(PRIVATE_KEY) $(TEST_UPDATE_VERSION)
@dd if=test-app/image_v$(TEST_UPDATE_VERSION)_signed.bin of=test-update.bin bs=1 conv=notrunc
@printf "pBOOT" >> test-update.bin
@make test-reset
@sleep 2
@st-flash --reset write test-update.bin 0x08040000 || \
(make test-reset && sleep 1 && st-flash --reset write test-update.bin 0x08040000) || \
(make test-reset && sleep 1 && st-flash --reset write test-update.bin 0x08040000)
test-self-update: wolfboot.bin test-app/image.bin FORCE
@mv $(PRIVATE_KEY) private_key.old
@make clean
@rm src/*_pub_key.c
@make factory.bin RAM_CODE=1 WOLFBOOT_VERSION=$(WOLFBOOT_VERSION) SIGN=$(SIGN)
@python3 $(SIGN_TOOL) test-app/image.bin $(PRIVATE_KEY) $(TEST_UPDATE_VERSION)
@st-flash --reset write test-app/image_v2_signed.bin 0x08020000 || \
(make test-reset && sleep 1 && st-flash --reset write test-app/image_v2_signed.bin 0x08020000) || \
(make test-reset && sleep 1 && st-flash --reset write test-app/image_v2_signed.bin 0x08020000)
@dd if=/dev/zero bs=131067 count=1 2>/dev/null | tr "\000" "\377" > test-self-update.bin
@python3 $(SIGN_TOOL) --wolfboot-update wolfboot.bin private_key.old $(WOLFBOOT_VERSION)
@dd if=wolfboot_v$(WOLFBOOT_VERSION)_signed.bin of=test-self-update.bin bs=1 conv=notrunc
@printf "pBOOT" >> test-self-update.bin
@st-flash --reset write test-self-update.bin 0x08040000 || \
(make test-reset && sleep 1 && st-flash --reset write test-self-update.bin 0x08040000) || \
(make test-reset && sleep 1 && st-flash --reset write test-self-update.bin 0x08040000)
test-update-ext: test-app/image.bin FORCE
@python3 $(SIGN_TOOL) test-app/image.bin $(PRIVATE_KEY) $(TEST_UPDATE_VERSION)
@(dd if=/dev/zero bs=1M count=1 | tr '\000' '\377' > test-update.rom)
@dd if=test-app/image_v$(TEST_UPDATE_VERSION)_signed.bin of=test-update.rom bs=1 count=524283 conv=notrunc
@printf "pBOOT" | dd of=test-update.rom obs=1 seek=524283 count=5 conv=notrunc
@make test-spi-on
flashrom -c $(SPI_CHIP) -p linux_spi:dev=/dev/spidev0.0 -w test-update.rom
@make test-spi-off
@make test-tpm-off
@make test-reset
@sleep 2
@make clean
test-erase: FORCE
@echo Mass-erasing the internal flash:
@make test-reset
@sleep 2
@st-flash erase
test-erase-ext: FORCE
@make test-spi-on
@echo Mass-erasing the external SPI flash:
flashrom -c $(SPI_CHIP) -p linux_spi:dev=/dev/spidev0.0 -E
@make test-spi-off
@make test-tpm-off
test-factory: factory.bin
@make test-reset
@sleep 2
@st-flash --reset write factory.bin 0x08000000 || \
((make test-reset && sleep 1 && st-flash --reset write factory.bin 0x08000000) || \
(make test-reset && sleep 1 && st-flash --reset write factory.bin 0x08000000))&
test-resetold: FORCE
@(sleep 1 && st-info --reset) &
## Test cases:
test-01-forward-update-no-downgrade: $(EXPVER) FORCE
@make test-erase
@echo Creating and uploading factory image...
@make test-factory
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=4
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=1
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@make clean
@echo TEST PASSED
test-02-forward-update-allow-downgrade: $(EXPVER) FORCE
@make test-erase
@echo Creating and uploading factory image...
@make test-factory ALLOW_DOWNGRADE=1
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=4
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=2
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 2)
@make clean
@echo TEST PASSED
test-03-rollback: $(EXPVER) FORCE
@make test-erase
@echo Creating and uploading factory image...
@make test-factory
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=4
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@echo
@echo Creating and uploading update image...
@make test-update TEST_UPDATE_VERSION=5
@echo Expecting version '5'
@(test `$(EXPVER)` -eq 5)
@echo
@echo Resetting to trigger rollback...
@make test-reset
@(test `$(EXPVER)` -eq 4)
@make clean
@echo TEST PASSED
test-11-forward-update-no-downgrade-ECC: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=ECC256
test-13-rollback-ECC: $(EXPVER) FORCE
@make test-03-rollback SIGN=ECC256
test-21-forward-update-no-downgrade-SPI: $(EXPVER) FORCE
@make test-erase-ext
@echo Creating and uploading factory image...
@make test-factory $(SPI_OPTIONS)
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Creating and uploading update image...
@make test-update-ext TEST_UPDATE_VERSION=4 $(SPI_OPTIONS)
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@echo
@echo Creating and uploading update image...
@make test-update-ext TEST_UPDATE_VERSION=1 $(SPI_OPTIONS)
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@make clean
@echo TEST PASSED
test-23-rollback-SPI: $(EXPVER) FORCE
@make test-erase-ext
@echo Creating and uploading factory image...
@make test-factory $(SPI_OPTIONS)
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Creating and uploading update image...
@make test-update-ext TEST_UPDATE_VERSION=4 $(SPI_OPTIONS)
@echo Expecting version '4'
@(test `$(EXPVER)` -eq 4)
@echo
@echo Creating and uploading update image...
@make test-update-ext TEST_UPDATE_VERSION=5 $(SPI_OPTIONS)
@echo Expecting version '5'
@(test `$(EXPVER)` -eq 5)
@echo
@echo Resetting to trigger rollback...
@make test-reset
@sleep 2
@(test `$(EXPVER)` -eq 4)
@make clean
@echo TEST PASSED
test-34-forward-self-update: $(EXPVER) FORCE
@echo Creating and uploading factory image...
@make clean
@make distclean
@make test-factory RAM_CODE=1 SIGN=$(SIGN)
@echo Expecting version '1'
@(test `$(EXPVER)` -eq 1)
@echo
@echo Updating keys, firmware, bootloader
@make test-self-update WOLFBOOT_VERSION=4 RAM_CODE=1 SIGN=$(SIGN)
@sleep 2
@(test `$(EXPVER)` -eq 2)
@make clean
@echo TEST PASSED
test-44-forward-self-update-ECC: $(EXPVER) FORCE
@make test-34-forward-self-update SIGN=ECC256
test-51-forward-update-no-downgrade-RSA: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=RSA2048
test-53-rollback-RSA: $(EXPVER) FORCE
@make test-03-rollback SIGN=RSA2048
test-61-forward-update-no-downgrade-TPM: $(EXPVER) FORCE
@make test-tpm-on
@make test-01-forward-update-no-downgrade SIGN=ECC256 WOLFTPM=1
@make test-tpm-off
test-63-rollback-TPM: $(EXPVER) FORCE
@make test-tpm-on
@make test-03-rollback SIGN=ECC256 WOLFTPM=1
@make test-tpm-off
test-71-forward-update-no-downgrade-RSA-4096: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=RSA4096
test-73-rollback-RSA-4096: $(EXPVER) FORCE
@make test-03-rollback SIGN=RSA4096
test-81-forward-update-no-downgrade-ED25519-SHA3: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=ED25519 HASH=SHA3
test-91-forward-update-no-downgrade-ECC256-SHA3: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=ECC256 HASH=SHA3
test-101-forward-update-no-downgrade-RSA2048-SHA3: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=RSA2048 HASH=SHA3
test-111-forward-update-no-downgrade-RSA4096-SHA3: $(EXPVER) FORCE
@make test-01-forward-update-no-downgrade SIGN=RSA4096 HASH=SHA3
test-all: clean test-01-forward-update-no-downgrade test-02-forward-update-allow-downgrade test-03-rollback \
test-11-forward-update-no-downgrade-ECC test-13-rollback-ECC test-21-forward-update-no-downgrade-SPI test-23-rollback-SPI \
test-34-forward-self-update \
test-44-forward-self-update-ECC \
test-51-forward-update-no-downgrade-RSA \
test-53-rollback-RSA \
test-61-forward-update-no-downgrade-TPM \
test-63-rollback-TPM \
test-71-forward-update-no-downgrade-RSA-4096 \
test-73-rollback-RSA-4096 \
test-81-forward-update-no-downgrade-ED25519-SHA3 \
test-91-forward-update-no-downgrade-ECC256-SHA3 \
test-101-forward-update-no-downgrade-RSA2048-SHA3 \
test-111-forward-update-no-downgrade-RSA4096-SHA3