[RFC PATCH 2/2] test/py: efi_secboot: adjust secure boot tests to code changes
Ilias Apalodimas
ilias.apalodimas at linaro.org
Fri Feb 4 08:32:02 CET 2022
The previous patch is changing U-Boot's behavior wrt certificate based
binary authentication. Specifically an image who's digest of a
certificate is found in dbx is now rejected. Fix the test accordingly
Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
---
test/py/tests/test_efi_secboot/test_signed.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py
index 0aee34479f55..7f5ec78261da 100644
--- a/test/py/tests/test_efi_secboot/test_signed.py
+++ b/test/py/tests/test_efi_secboot/test_signed.py
@@ -186,7 +186,7 @@ class TestEfiSignedImage(object):
assert 'Hello, world!' in ''.join(output)
with u_boot_console.log.section('Test Case 5c'):
- # Test Case 5c, not rejected if one of signatures (digest of
+ # Test Case 5c, rejected if one of signatures (digest of
# certificate) is revoked
output = u_boot_console.run_command_list([
'fatload host 0:1 4000000 dbx_hash.auth',
@@ -195,7 +195,8 @@ class TestEfiSignedImage(object):
output = u_boot_console.run_command_list([
'efidebug boot next 1',
'efidebug test bootmgr'])
- assert 'Hello, world!' in ''.join(output)
+ assert '\'HELLO\' failed' in ''.join(output)
+ assert 'efi_start_image() returned: 26' in ''.join(output)
with u_boot_console.log.section('Test Case 5d'):
# Test Case 5d, rejected if both of signatures are revoked
--
2.32.0
More information about the U-Boot
mailing list