mirror of
				https://github.com/smaeul/u-boot.git
				synced 2025-10-25 01:58:13 +01:00 
			
		
		
		
	As discussed previously [1,2], the source command is not safe to use with verified boot unless there is a key with required = "images" (which has its own problems). This is because if such a key is absent, signatures are verified but not required. It is assumed that configuration nodes will provide the signature. Because the source command does not use configurations to determine the image to source, effectively no verification takes place. To address this, allow specifying configuration nodes. We use the same syntax as the bootm command (helpfully provided for us by fit_parse_conf). By default, we first try the default config and then the default image. To force using a config, # must be present in the command (e.g. `source $loadaddr#my-conf`). For convenience, the config may be omitted, just like the address may be (e.g. `source \#`). This also works for images (`source :` behaves exactly like `source` currently does). [1] https://lore.kernel.org/u-boot/7d711133-d513-5bcb-52f2-a9dbaa9eeded@prevas.dk/ [2] https://lore.kernel.org/u-boot/042dcb34-f85f-351e-1b0e-513f89005fdd@gmail.com/ Signed-off-by: Sean Anderson <sean.anderson@seco.com> Reviewed-by: Simon Glass <sjg@chromium.org>
		
			
				
	
	
		
			38 lines
		
	
	
		
			1.5 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			38 lines
		
	
	
		
			1.5 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| # SPDX-License-Identifier: GPL-2.0+
 | |
| # Copyright (C) 2022 Sean Anderson <sean.anderson@seco.com>
 | |
| 
 | |
| import os
 | |
| import pytest
 | |
| import u_boot_utils as util
 | |
| 
 | |
| @pytest.mark.boardspec('sandbox')
 | |
| @pytest.mark.buildconfigspec('cmd_echo')
 | |
| @pytest.mark.buildconfigspec('cmd_source')
 | |
| @pytest.mark.buildconfigspec('fit')
 | |
| def test_source(u_boot_console):
 | |
|     # Compile our test script image
 | |
|     cons = u_boot_console
 | |
|     mkimage = os.path.join(cons.config.build_dir, 'tools/mkimage')
 | |
|     its = os.path.join(cons.config.source_dir, 'test/py/tests/source.its')
 | |
|     fit = os.path.join(cons.config.build_dir, 'source.itb')
 | |
|     util.run_and_log(cons, (mkimage, '-f', its, fit))
 | |
|     cons.run_command(f'host load hostfs - $loadaddr {fit}')
 | |
| 
 | |
|     assert '2' in cons.run_command('source')
 | |
|     assert '1' in cons.run_command('source :')
 | |
|     assert '1' in cons.run_command('source :script-1')
 | |
|     assert '2' in cons.run_command('source :script-2')
 | |
|     assert 'Fail' in cons.run_command('source :not-a-script || echo Fail')
 | |
|     assert '2' in cons.run_command('source \\#')
 | |
|     assert '1' in cons.run_command('source \\#conf-1')
 | |
|     assert '2' in cons.run_command('source \\#conf-2')
 | |
| 
 | |
|     cons.run_command('fdt addr $loadaddr')
 | |
|     cons.run_command('fdt rm /configurations default')
 | |
|     assert '1' in cons.run_command('source')
 | |
|     assert 'Fail' in cons.run_command('source \\# || echo Fail')
 | |
| 
 | |
|     cons.run_command('fdt rm /images default')
 | |
|     assert 'Fail' in cons.run_command('source || echo Fail')
 | |
|     assert 'Fail' in cons.run_command('source \\# || echo Fail')
 |