On 2/14/22 01:43, AKASHI Takahiro wrote:
Heinrich,
On Fri, Feb 11, 2022 at 08:25:15PM +0100, Heinrich Schuchardt wrote:
On 2/9/22 11:10, AKASHI Takahiro wrote:
Add a couple of test cases against capsule image authentication
for capsule-on-disk, where only a signed capsule file with the verified
signature will be applied to the system.
Due to the difficulty of embedding a public key (esl file) in U-Boot
binary during pytest setup time, all the keys/certificates are pre-created.
Signed-off-by: AKASHI Takahiro <takahiro.aka...@linaro.org>
Reviewed-by: Simon Glass <s...@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodi...@linaro.org>
The test is not executed on Gitlab:
test/py/tests/test_efi_capsule/test_capsule_firmware_signed.py sss
SKIPPED [3] /builds/u-boot/custodians/u-boot-efi/test/py/conftest.py:490:
.config feature "efi_capsule_authenticate" not enabled
Please, provide a defconfig with CONFIG_EFI_CAPSULE_AUTHENTICATE=y in a
follow-up patch.
This is somehow intentional.
I don't remember quite well, but when I tried to add another defconfig file
for sandbox to initiate some test in the past, you or Simon (sorry if I
remember incorrectly here) opposed it.
Please also note that adding CONFIG_EFI_CAPSULE_AUTHENTICATE to
sandbox_defconfig doesn't make sense as it makes non-signed capsule
tests (test_capsule_firmware.py) meaningless.
This function really should be tested in Gitlab. How about adding the
setting to sandbox_spl_defconfig?
You will have to change test/run line 31 for the test to be run on
sandbox_spl.
Best regards
Heinrich
-Takahiro Akashi
