[PATCH v4 2/2] binman: expand test coverage to nxp_imx8mcst

Brian Ruley brian.ruley at gehealthcare.com
Mon Nov 4 09:33:00 CET 2024 

On Wed, Oct 30, 2024 at 09:23:46AM -0300, Fabio Estevam wrote:
> 
> WARNING: This email originated from outside of GE HealthCare. Please validate the sender's email address before clicking on links or attachments as they may not be safe.
> 
> Hi Brian,
> 
> On Wed, Oct 30, 2024 at 5:08???AM Brian Ruley
> <brian.ruley at gehealthcare.com> wrote:
> >
> > Add coverage for IMX8M code siging. Create PKI tree and other assets
> > required by `cst' using `hab4_pki_tree.sh' script and `srktool' in
> > `cst_3.4.1' [1].
> >
> > [1] https://www.nxp.com/webapp/Download?colCode=IMX_CST_TOOL_NEW
> >
> > Signed-off-by: Brian Ruley <brian.ruley at gehealthcare.com>
> > ---
> > Changes for v4:
> > - Rebased on master:
> >     340_nxp_imx8mcst.dts -> 343_nxp_imx8mcst.dts
> >     341_nxp_imx8mcst_fast_auth.dts -> 344_nxp_imx8mcst_fast_auth.dts
> 
> Here is the result when I tried applying and testing this:
> 
> $ git am ~/Downloads/v4-1-2-binman-nxp_imx8mcst-read-certificates-from-input-path.patch
> Applying: binman: nxp_imx8mcst: read certificates from input path
> Applying: binman: expand test coverage to nxp_imx8mcst
> .git/rebase-apply/patch:206: trailing whitespace.
>             X509v3 Basic Constraints:
> .git/rebase-apply/patch:208: trailing whitespace.
>             Netscape Comment:
> .git/rebase-apply/patch:210: trailing whitespace.
>             X509v3 Subject Key Identifier:
> .git/rebase-apply/patch:212: trailing whitespace.
>             X509v3 Authority Key Identifier:
> .git/rebase-apply/patch:333: trailing whitespace.
>             X509v3 Basic Constraints:
> warning: squelched 7 whitespace errors
> warning: 12 lines add whitespace errors.
> 
> 
> $ ./tools/binman/binman test testNxpImx8mCstFastAuth
> ======================== Running binman tests ========================
> E
> ======================================================================
> ERROR: testNxpImx8mCstFastAuth (binman.ftest.TestFunctional)
> Test that binman can sign an iMX8M image using fast authentication
> ----------------------------------------------------------------------
> ValueError: Error -11 running 'cst -i
> /tmp/binman.tf697xr9/nxp.csf-config-txt.nxp-imx8mcst -o
> /tmp/binman.tf697xr9/nxp.csf-output-blob.nxp-imx8mcst':
> 
> ----------------------------------------------------------------------
> Ran 1 test in 1.318s
> 
> FAILED (errors=1)
> 
> Any ideas?

Hi Fabio,

Strange, but I don't have a clue. I was able to find the bit of Python
where things go wrong in my reply to Simon:

> Odd, -11 means that is the resouce is temporarily unavailable, no? I
> don't see how that could be caused by my changes. I managed to trace it
> to line 367 in `tools/u_boot_pylib/tools.py`, which takes us to
> the run_pipe() function in `tools/u_boot_pylib/commands.py`, where we
> wait on a pipe:
> 
>    108:    result.return_code = last_pipe.wait()

I also described the environment I was running:

> I've compiled the NXP Code Signing tool myself from version 3.4.1
> and added that to path. The system I'm running on is:
> 
>    cat /etc/fedora-release && uname -msrv
>    Fedora release 40 (Forty)
>    Linux 6.10.12-200.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Sep 30 21:38:25 UTC 2024 x86_64
> 
> Also, prior to running any tests, I've built the `tools-only_defconfig`.
> I admit that I find the test suites sightly confusing, so I might have
> missed something.

I can try to run it in different environment to see if I can reproduce
the issue.

Regards,
Brian

More information about the U-Boot mailing list