[PATCH 1/1] test: stabilize test_efi_secboot
AKASHI Takahiro
takahiro.akashi at linaro.org
Thu May 21 02:23:30 CEST 2020
Heinrich,
On Mon, May 11, 2020 at 03:56:56PM +0900, AKASHI Takahiro wrote:
> Heinrich,
>
> On Fri, May 08, 2020 at 08:10:28AM +0900, AKASHI Takahiro wrote:
> > On Thu, May 07, 2020 at 11:14:17PM +0200, Heinrich Schuchardt wrote:
> > > On 5/7/20 2:36 AM, AKASHI Takahiro wrote:
> > > > Heinrich,
> > > >
> > > > On Mon, May 04, 2020 at 12:33:26PM +0200, Heinrich Schuchardt wrote:
> > > >> When setting up the console via function efi_console_register() we call
> > > >> query_console_serial(). This functions sends an escape sequence to the
> > > >> terminal to query the display size. The response is another escape
> > > >> sequence.
> > > >>
> > > >> console.run_command_list() is looking for a regular expression '^==>'.
> > > >> If the escape sequence for the screen size precedes the prompt without a
> > > >> line break, no match is found.
> > > >>
> > > >> When efi_disk_register() is called before efi_console_register() this leads
> > > >> to a test failuere of the UEFI secure boot tests.
> > > >
> > > > Why does the order of those calls affect test results?
> > >
> > > Please, have a look at function query_console_serial() and at
> > > run_command_list().
> > >
> > > As described above:
> > > '\e7\e[r\e[999;999H\e[6n\e8==>' cannot be matched by regular expression
> > > '^==>'.
> >
> > (Probably) right, but what I don't get here is why efi_disk_register()
> > have an impact on efi_console_register(). The former function has
> > nothing to do with any console behaviors.
>
> You have merged your patch without replying to my comment.
Not yet
> > Moreover, I wonder
> > - why you want to move efi_console_register() after efi_disk_register().
> > - why python script can see such escape sequences.
>
> I don't like your fix.
> With your fixes, my secure boot pytest now fails to run
> on sandbox locally.
>
> Instead, I propose:
> 1. revert your commits
> commit 16ad946f41d3 ("efi_loader: change setup sequence")
> commit 5827c2545849 ("test: stabilize test_efi_secboot")
> 2. move efi_console_register() forward *before* efi_console_register()
>
>
> Then my secure boot test should work again without any modification.
> I believe that my solution is much better than your workaround.
Any comment?
Or do you want me to post a patch?
> -Takahiro Akashi
>
> > >
> > > >
> > > >> We can avoid the problem if the first UEFI command passed to
> > > >> u_boot_console.run_command_list() produces output. This patch achieves this
> > > >> by appending '; echo' to the first UEFI related command of the problematic
> > > >> tests.
> > > >
> > > > It looks to be a workaround.
> > > > We'd better have another approach to fix the problem.
> > > > Otherwise, similar issues will occur again.
> > >
> > > I would not like to change the logic in Python to detect the U-Boot
> > > prompt for something UEFI specific. And we need a method to determine
> > > the size of a serial console.
> > >
> > > The current approach allowed me to merge your patch series which
> > > otherwise might not have reached the v2020.07 release. Did the problem
> > > not show up in your Travis CI testing?
> >
> > No. If your saying is correct, this can happen only if efi_console_register()
> > is moved after efi_disk_register(). Right?
> >
> > > If you have a better solution, we can easily merge your patch.
> >
> > First, I want to understand what's happening.
> >
> > -Takahiro Akashi
> >
> > > Best regards
> > >
> > > Heinrich
> > >
> > > >
> > > > Thanks,
> > > > -Takahiro Akashi
> > > >
> > > >> Signed-off-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
> > > >> ---
> > > >> test/py/tests/test_efi_secboot/test_authvar.py | 8 ++++----
> > > >> test/py/tests/test_efi_secboot/test_signed.py | 4 ++--
> > > >> test/py/tests/test_efi_secboot/test_unsigned.py | 6 +++---
> > > >> 3 files changed, 9 insertions(+), 9 deletions(-)
> > > >>
> > > >> diff --git a/test/py/tests/test_efi_secboot/test_authvar.py b/test/py/tests/test_efi_secboot/test_authvar.py
> > > >> index 55dcaa95f1..9912694a3e 100644
> > > >> --- a/test/py/tests/test_efi_secboot/test_authvar.py
> > > >> +++ b/test/py/tests/test_efi_secboot/test_authvar.py
> > > >> @@ -133,7 +133,7 @@ class TestEfiAuthVar(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 db.auth',
> > > >> @@ -174,7 +174,7 @@ class TestEfiAuthVar(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 db.auth',
> > > >> @@ -215,7 +215,7 @@ class TestEfiAuthVar(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 db.auth',
> > > >> @@ -249,7 +249,7 @@ class TestEfiAuthVar(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 db.auth',
> > > >> diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py
> > > >> index 584282b338..fc722ab506 100644
> > > >> --- a/test/py/tests/test_efi_secboot/test_signed.py
> > > >> +++ b/test/py/tests/test_efi_secboot/test_signed.py
> > > >> @@ -29,7 +29,7 @@ class TestEfiSignedImage(object):
> > > >> # Test Case 1a, run signed image if no db/dbx
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> - 'efidebug boot add 1 HELLO1 host 0:1 /helloworld.efi.signed ""',
> > > >> + 'efidebug boot add 1 HELLO1 host 0:1 /helloworld.efi.signed ""; echo',
> > > >> 'efidebug boot next 1',
> > > >> 'bootefi bootmgr'])
> > > >> assert(re.search('Hello, world!', ''.join(output)))
> > > >> @@ -81,7 +81,7 @@ class TestEfiSignedImage(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 db.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> diff --git a/test/py/tests/test_efi_secboot/test_unsigned.py b/test/py/tests/test_efi_secboot/test_unsigned.py
> > > >> index 22d849afb8..a4af845c51 100644
> > > >> --- a/test/py/tests/test_efi_secboot/test_unsigned.py
> > > >> +++ b/test/py/tests/test_efi_secboot/test_unsigned.py
> > > >> @@ -30,7 +30,7 @@ class TestEfiUnsignedImage(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK; echo',
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize PK'])
> > > >> assert(not re.search('Failed to set EFI variable', ''.join(output)))
> > > >> @@ -58,7 +58,7 @@ class TestEfiUnsignedImage(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 db_hello.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize db',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize db; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> @@ -82,7 +82,7 @@ class TestEfiUnsignedImage(object):
> > > >> output = u_boot_console.run_command_list([
> > > >> 'host bind 0 %s' % disk_img,
> > > >> 'fatload host 0:1 4000000 db_hello.auth',
> > > >> - 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx',
> > > >> + 'setenv -e -nv -bs -rt -at -i 4000000,$filesize dbx; echo',
> > > >> 'fatload host 0:1 4000000 KEK.auth',
> > > >> 'setenv -e -nv -bs -rt -at -i 4000000,$filesize KEK',
> > > >> 'fatload host 0:1 4000000 PK.auth',
> > > >> --
> > > >> 2.26.2
> > > >>
> > >
More information about the U-Boot
mailing list