Hi Simon,
On 5/10/21 10:45 PM, Simon Glass wrote:
> On Mon, 10 May 2021 at 13:37, Steffen Jaeckel
> <jaeckel-fl...@eyet-services.de> wrote:
[snip]
>> diff --git a/common/autoboot.c b/common/autoboot.c
>> index 50ab9281e7..6f55abe388 100644
>> --- a/common/autoboot.c
>> +++ b/common/autoboot.c
>> @@ -316,3 +316,4 @@ static int abortboot_key_sequence(int bootdelay)
>> if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) {
>> - if (IS_ENABLED(CONFIG_CRYPT_PW))
>> + if (IS_ENABLED(CONFIG_CRYPT_PW) &&
>> + env_get_yesno("bootstopusesha256") != 1)
>> abort = passwd_abort_crypt(etime);
>
> Yes, and then you can enable both in sandbox and potentially have a
> test for your code within the standard sandbox build.
What kind of tests do you want to have added? Python based or C based ones?
TBH I don't see an easy way (yet) to add more tests than the ones I
already added, as enabling AUTOBOOT_KEYED (which is required for both,
crypt and sha256) would change the startup behavior of the sandbox...
Cheers
Steffen
