On Wed, Oct 30, 2024 at 09:23:46AM -0300, Fabio Estevam wrote: > > WARNING: This email originated from outside of GE HealthCare. Please validate > the sender's email address before clicking on links or attachments as they > may not be safe. > > Hi Brian, > > On Wed, Oct 30, 2024 at 5:08???AM Brian Ruley > <brian.ru...@gehealthcare.com> wrote: > > > > Add coverage for IMX8M code siging. Create PKI tree and other assets > > required by `cst' using `hab4_pki_tree.sh' script and `srktool' in > > `cst_3.4.1' [1]. > > > > [1] https://www.nxp.com/webapp/Download?colCode=IMX_CST_TOOL_NEW > > > > Signed-off-by: Brian Ruley <brian.ru...@gehealthcare.com> > > --- > > Changes for v4: > > - Rebased on master: > > 340_nxp_imx8mcst.dts -> 343_nxp_imx8mcst.dts > > 341_nxp_imx8mcst_fast_auth.dts -> 344_nxp_imx8mcst_fast_auth.dts > > Here is the result when I tried applying and testing this: > > $ git am > ~/Downloads/v4-1-2-binman-nxp_imx8mcst-read-certificates-from-input-path.patch > Applying: binman: nxp_imx8mcst: read certificates from input path > Applying: binman: expand test coverage to nxp_imx8mcst > .git/rebase-apply/patch:206: trailing whitespace. > X509v3 Basic Constraints: > .git/rebase-apply/patch:208: trailing whitespace. > Netscape Comment: > .git/rebase-apply/patch:210: trailing whitespace. > X509v3 Subject Key Identifier: > .git/rebase-apply/patch:212: trailing whitespace. > X509v3 Authority Key Identifier: > .git/rebase-apply/patch:333: trailing whitespace. > X509v3 Basic Constraints: > warning: squelched 7 whitespace errors > warning: 12 lines add whitespace errors. > > > $ ./tools/binman/binman test testNxpImx8mCstFastAuth > ======================== Running binman tests ======================== > E > ====================================================================== > ERROR: testNxpImx8mCstFastAuth (binman.ftest.TestFunctional) > Test that binman can sign an iMX8M image using fast authentication > ---------------------------------------------------------------------- > ValueError: Error -11 running 'cst -i > /tmp/binman.tf697xr9/nxp.csf-config-txt.nxp-imx8mcst -o > /tmp/binman.tf697xr9/nxp.csf-output-blob.nxp-imx8mcst': > > ---------------------------------------------------------------------- > Ran 1 test in 1.318s > > FAILED (errors=1) > > Any ideas?
Hi Fabio, Strange, but I don't have a clue. I was able to find the bit of Python where things go wrong in my reply to Simon: > Odd, -11 means that is the resouce is temporarily unavailable, no? I > don't see how that could be caused by my changes. I managed to trace it > to line 367 in `tools/u_boot_pylib/tools.py`, which takes us to > the run_pipe() function in `tools/u_boot_pylib/commands.py`, where we > wait on a pipe: > > 108: result.return_code = last_pipe.wait() I also described the environment I was running: > I've compiled the NXP Code Signing tool myself from version 3.4.1 > and added that to path. The system I'm running on is: > > cat /etc/fedora-release && uname -msrv > Fedora release 40 (Forty) > Linux 6.10.12-200.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Sep 30 21:38:25 > UTC 2024 x86_64 > > Also, prior to running any tests, I've built the `tools-only_defconfig`. > I admit that I find the test suites sightly confusing, so I might have > missed something. I can try to run it in different environment to see if I can reproduce the issue. Regards, Brian
