[test] Implement CDI_1 key use test #28851
Conversation
This adds code to test the following scenario: 1. boot owner FW to sign something with the CDI_1 key, 2. boot a different owner FW to ensure the key changes and produces a different signature 3. boot the same owner FW in (1) to ensure the same signature in 1 can be reproduced. Signed-off-by: Tim Trippel <[email protected]> Signed-off-by: Jason Young <[email protected]>
| "//sw/device/silicon_creator/lib/drivers:rstmgr", | ||
| ], | ||
| ) | ||
| for i in range(3) |
There was a problem hiding this comment.
It seems that the binary for i=0 is the same as the binary for i=2 so I would suggest to only create two binaries. If you really want a third create an alias:
alias(name = "cdi1_key_sign_for_assemble_2", actual="cdi1_key_sign_for_assemble_0")
| "//hw/top_earlgrey:fpga_cw340_rom_with_fake_keys", | ||
| ], | ||
| ) | ||
| for i in range(3) |
| test_cmd = """ | ||
| --bootstrap={firmware} | ||
| --second-bootstrap={second} | ||
| --third-bootstrap={third} |
There was a problem hiding this comment.
Here I think you could just set --third-bootstrap={firmware}
| "//hw/top_earlgrey:fpga_cw310_rom_ext", | ||
| "//hw/top_earlgrey:fpga_cw340_rom_ext", | ||
| ], | ||
| linker_script = "//sw/device/lib/testing/test_framework:ottf_ld_silicon_owner_slot_a", |
There was a problem hiding this comment.
Is there a particular reason to specify the linker script? If none is specified, a default one is used which comes from the exec_env and I think it would be fine for this test.
|
I might be missing something but it seems to me that the test doesn't quite match the specification: each firmware signs a piece of data with the CDI_1 and the CDI_0 and (essentially) checks that the CDI_0 signature doesn't pass with the CDI_1 key. But this doesn't verify that the CDI_1 from the second firmware is different from the first firmware? |
3 participants
This adds code to test the following scenario: