[U-Boot] [PATCH v1 00/11] import x509/pkcs7 parsers from linux

AKASHI Takahiro takahiro.akashi at linaro.org
Tue Oct 15 08:56:41 UTC 2019


On Tue, Oct 15, 2019 at 07:33:18AM +0200, Heinrich Schuchardt wrote:
> On 10/15/19 5:18 AM, AKASHI Takahiro wrote:
> >On Sat, Oct 12, 2019 at 03:02:09PM +0200, Heinrich Schuchardt wrote:
> >>On 10/11/19 9:55 AM, AKASHI Takahiro wrote:
> >>>I hope this patch set will be reviewed promptly as I'm aiming to
> >>>push my "UEFI secure boot" patch for v2020.01.
> >>>
> >>
> >>How can I make all of these new files being built to check for build
> >>warnings?
> >
> >As always in my case of UEFI secure boot, they have gone through build and
> >run/tests as part of UEFI secure boot. This is also true for RSA
> >extension as UEFI secure boot is the only user of those features.
> 
> Did you run them through Travis?
> 
> >
> >Please note that almost of all the code here come from the latest
> >linux code without any changes. A few changes that I made are
> >quite U-Boot/UEFI-secure-boot specific and is *best* tested through
> >UEFI secure boot test.
> >
> >That said, you can at least build the code by enabling
> >   Library routines
> >     Security support
> >       Asymmetric Key Support
> >         CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> >         CONFIG_X509_CERTIFICATE_PARSER
> >         CONFIG_PKCS7_MESSAGE_PARSER
> >
> >>Please, provide unit tests for the patch series.
> >
> >As I said above, it will be exercised and tested under UEFI secure boot
> >test.
> 
> If there is nothing I can test now, I would not know how to evaluate
> these patches.

Do you ask me to write "unit tests" to test all the aspects of
asn1 compiler and parsers that I have not developed any part of
and that are not changed from the original?
Doesn't make sense.

> There is good reason that we have unit tests and don't simply say U-Boot
> can be tested by booting Linux.

There are lots of examples, one is the original RSA routines, as I said,
which have not direct-linked tests and are only tested by vboot.py.

> >
> >>Please, provide a documentation how these different tools and files work
> >>together.
> >
> >What do you mean by different tools?
> >Asn1 compiler and what?
> >Do you want to have doc/README.asn1compiler?
> 
> This patch series provides some puzzle pieces but doesn't tell me how
> they fit together. Maybe a README describing the different elements
> provided for UEFI secure boot would be most appropriate.

All what you need to know is that the patch set will generate
and provide x509 parser and pkcs7 parser as a result of build process.

I will a few lines of README.asn1compiler to describe that.

-Takahiro Akashi

> Best regards
> 
> Heinrich
> 
> >
> >Thanks,
> >-Takahiro Akashi
> >
> >
> >>Best regards
> >>
> >>Heinrich
> >
> 


More information about the U-Boot mailing list