[v3,5/5] secvar/test: add rudimentary secvar API unit testing
diff mbox series

Message ID 20190903213416.16535-6-erichte@linux.ibm.com
State New
Headers show
Series
  • Add Secure Variable Support
Related show

Checks

Context Check Description
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot-dco success Signed-off-by present
snowpatch_ozlabs/snowpatch_job_snowpatch-skiboot success Test snowpatch/job/snowpatch-skiboot on branch master
snowpatch_ozlabs/apply_patch success Successfully applied on branch master (7b12d5489fcfd73ef7ec0cb27eff7f8a5f13b238)

Commit Message

Eric Richter Sept. 3, 2019, 9:34 p.m. UTC
This patch adds an initial port of the userspace unit tests for exercising
the API that were originally developed out of tree. Future revisions will
adjust the naming schemes and general formatting to match that of other
tests within skiboot.

Signed-off-by: Eric Richter <erichte@linux.ibm.com>
---
 libstb/secvar/test/Makefile.check        |  46 +++++++
 libstb/secvar/test/secvar-test-enqueue.c | 158 +++++++++++++++++++++++
 libstb/secvar/test/secvar-test-getvar.c  | 109 ++++++++++++++++
 libstb/secvar/test/secvar-test-nextvar.c | 132 +++++++++++++++++++
 libstb/secvar/test/secvar-test-void.c    |  24 ++++
 libstb/secvar/test/secvar_api_test.c     |  91 +++++++++++++
 libstb/secvar/test/secvar_common_test.c  |  62 +++++++++
 7 files changed, 622 insertions(+)
 create mode 100644 libstb/secvar/test/Makefile.check
 create mode 100644 libstb/secvar/test/secvar-test-enqueue.c
 create mode 100644 libstb/secvar/test/secvar-test-getvar.c
 create mode 100644 libstb/secvar/test/secvar-test-nextvar.c
 create mode 100644 libstb/secvar/test/secvar-test-void.c
 create mode 100644 libstb/secvar/test/secvar_api_test.c
 create mode 100644 libstb/secvar/test/secvar_common_test.c

Patch
diff mbox series

diff --git a/libstb/secvar/test/Makefile.check b/libstb/secvar/test/Makefile.check
new file mode 100644
index 00000000..0b172039
--- /dev/null
+++ b/libstb/secvar/test/Makefile.check
@@ -0,0 +1,46 @@ 
+# -*-Makefile-*-
+SECVAR_TEST_DIR = libstb/secvar/test
+#SUBDIRS = $(SECVAR_TEST_DIR)
+
+SECVAR_TEST = $(patsubst %.c, %, $(wildcard $(SECVAR_TEST_DIR)/secvar-test-*.c))
+
+HOSTCFLAGS+=-I . -I include
+
+.PHONY : secvar-check
+secvar-check: $(SECVAR_TEST:%=%-check) $(SECVAR_TEST:%=%-gcov-run)
+secvar-check: $(SECVAR_TEST_NOSTUB:%=%-check) $(SECVAR_TEST_NOSTUB:%=%-gcov-run)
+
+.PHONY : secvar-coverage
+secvar-coverage: $(SECVAR_TEST:%=%-gcov-run)
+secvar-coverage: $(SECVAR_TEST_NOSTUB:%=%-gcov-run)
+
+check: secvar-check
+coverage: secvar-coverage
+
+# TODO: create pnor image for only tests that need it
+$(SECVAR_TEST:%=%-gcov-run) : %-run: %
+	@dd if=/dev/zero of=secboot.img bs=128k count=1 2> /dev/null
+	$(call QTEST, TEST-COVERAGE ,$< , $<)
+	@$(RM) -f secboot.img
+
+$(SECVAR_TEST:%=%-check) : %-check: %
+	@dd if=/dev/zero of=secboot.img bs=128k count=1 2> /dev/null
+	$(call QTEST, RUN-TEST ,$(VALGRIND) $<, $<)
+	@$(RM) -f secboot.img
+
+$(SECVAR_TEST) : core/test/stubs.o
+
+$(SECVAR_TEST) : % : %.c
+	$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) -O0 -g -I include -I . -I libfdt -o $@ $< core/test/stubs.o, $<)
+
+$(SECVAR_TEST:%=%-gcov): %-gcov : %.c %
+	$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) $(HOSTGCOVCFLAGS) -I include -I . -I libfdt -lgcov -o $@ $< core/test/stubs.o, $<)
+
+-include $(wildcard libstb/secvar/test/*.d)
+
+clean: secvar-test-clean
+
+secvar-test-clean:
+	$(RM) -f libstb/secvar/test/*.[od] $(SECVAR_TEST) $(SECVAR_TEST:%=%-gcov)
+	$(RM) -f libstb/secvar/test/*.gcda libstb/secvar/test/*.gcno
+	$(RM) -f secboot.img
diff --git a/libstb/secvar/test/secvar-test-enqueue.c b/libstb/secvar/test/secvar-test-enqueue.c
new file mode 100644
index 00000000..385e9934
--- /dev/null
+++ b/libstb/secvar/test/secvar-test-enqueue.c
@@ -0,0 +1,158 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "secvar_api_test.c"
+
+const char *secvar_test_name = "enqueue";
+
+// Stub storage function, enqueue only cares that this succeeds
+static int temp_write_bank(struct list_head *bank, int section)
+{
+	(void) bank, (void) section;
+	return OPAL_SUCCESS;
+}
+
+int run_test(void)
+{
+	int64_t rc;
+
+	struct secvar_node *node;
+	char key[1024] = {0};
+
+	uint64_t data_size = 128;
+	char *data = zalloc(data_size);
+
+	/*** Bad cases first this time ***/
+	// No write bank hook set
+	secvar_storage.write_bank = NULL;
+	memcpy(key, "meow", 4); // ascii
+	rc = secvar_enqueue(key, 4, data, data_size);
+	ASSERT(rc == OPAL_HARDWARE);
+
+	// Set a stub bank writer, so the rest runs ok
+	secvar_storage.write_bank = temp_write_bank;
+
+	// Parameter checks
+	// null key
+	rc = secvar_enqueue(NULL, 5, data, data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// key is empty
+	memset(key, 0, sizeof(key));
+	rc = secvar_enqueue(key, 5, data, data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// keylen is zero
+	rc = secvar_enqueue(key, 0, data, data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// keylen is excessive
+	rc = secvar_enqueue(key, 5000, data, data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// null data
+	rc = secvar_enqueue(key, 5, NULL, data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// data_size is excessive
+	rc = secvar_enqueue(key, 5, data, 50000);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// data_size is zero
+	rc = secvar_enqueue(key, 5, data, 0);
+	ASSERT(rc == OPAL_PARAMETER);
+	ASSERT(list_empty(&update_bank));
+
+	// secvar is disabled
+	secvar_enabled = 0;
+	rc = secvar_enqueue(key, 5, data, data_size);
+	ASSERT(rc == OPAL_UNSUPPORTED);
+	secvar_enabled = 1;
+
+	// secvar is not ready
+	secvar_ready = 0;
+	rc = secvar_enqueue(key, 5, data, data_size);
+	ASSERT(rc == OPAL_RESOURCE);
+	secvar_ready = 1;
+
+
+	/*** Good cases ***/
+	// TODO: add data?
+	memcpy(key, "test", 4); // ascii
+	rc = secvar_enqueue(key, 4, data, data_size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(list_length(&update_bank) == 1);
+
+	memcpy(key, "f\0o\0o\0b\0a\0r\0", 6*2); // "unicode"
+	rc = secvar_enqueue(key, 6*2, data, data_size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(list_length(&update_bank) == 2);
+
+	memcpy(key, "meep", 4);
+	rc = secvar_enqueue(key, 4, data, data_size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(list_length(&update_bank) == 3); // should not increase
+
+	// Re-add the same variable
+	memcpy(key, "meep", 4);
+	rc = secvar_enqueue(key, 4, data, data_size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(list_length(&update_bank) == 3); // should not increase
+	node = list_tail(&update_bank, struct secvar_node, link);
+	ASSERT(!memcmp(node->var->key, key, 4))	// should be at end
+
+	// Unstage the variable update
+	rc = secvar_enqueue(key, 4, NULL, 0);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(list_length(&update_bank) == 2);
+
+	// Unstage a bogus variable update
+	rc = secvar_enqueue("nada", 4, NULL, 0);
+	ASSERT(rc == OPAL_EMPTY);
+	ASSERT(list_length(&update_bank) == 2);
+
+
+	// Empty the in-memory cache, and reload from "pnor"
+	//   Removed to drop dependency on a storage backend
+	//   Probably not actually necessary to test, that's the
+	//   job of the storage backend tests
+	/*
+	clear_bank_list(&update_bank);
+	ASSERT(list_empty(&update_bank));
+	secvar_storage.load_bank(&update_bank, SECVAR_UPDATE_BANK);
+	printf("list_length = %d\n", list_length(&update_bank));
+	ASSERT(list_length(&update_bank) == 2);
+
+	node = list_top(&update_bank, struct secvar_node, link);
+	ASSERT(node);
+	ASSERT(!memcmp(node->var->key, "test", 4));
+	node = list_next(&update_bank, node, link);
+	ASSERT(node);
+	ASSERT(!memcmp(node->var->key, "f\0o\0o\0b\0a\0r\0", 6*2));
+	*/
+
+	/*** ONE more bad case... ***/
+
+	free(data);
+
+	return 0;
+
+}
diff --git a/libstb/secvar/test/secvar-test-getvar.c b/libstb/secvar/test/secvar-test-getvar.c
new file mode 100644
index 00000000..eeedd61b
--- /dev/null
+++ b/libstb/secvar/test/secvar-test-getvar.c
@@ -0,0 +1,109 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "secvar_api_test.c"
+
+const char *secvar_test_name = "getvar";
+
+// Run tests on the less obvious features of secvar_get
+// Includes:
+//  - Partial reads
+//  - Size queries (NULL buffer)
+//int run_test_helper(uint64_t bank_enum)
+int run_test(void)
+{
+	int64_t rc;
+
+	uint64_t size = 4;
+	char *temp = zalloc(100);
+	char key[1024] = {0};
+
+	struct secvar_node *node = zalloc(sizeof(struct secvar_node));
+	struct secvar *var = zalloc(sizeof(struct secvar) + 1024); // over-allocate for now, this should be rewritten
+	size_t data_size = sizeof("foobar");
+	char *data = zalloc(data_size);
+	uint64_t key_len = 4;
+	memcpy(data, "foobar", data_size);
+
+	memcpy(key, "test", 4);
+
+	// List should be empty at start
+	rc = secvar_get(key, key_len, data, &data_size);
+	ASSERT(rc == OPAL_EMPTY);
+	ASSERT(list_length(&variable_bank) == 0);
+
+	// Manually add variables, and check get_variable call
+	var->key_len = key_len;
+	memcpy(var->key, key, key_len);
+	var->data_size = data_size;
+	memcpy(var->data, data, data_size);
+
+	node->var = var;
+	list_add_tail(&variable_bank, &node->link);
+
+	ASSERT(list_length(&variable_bank) == 1);
+
+	// TEST ONLY DATA
+	// Test actual variable get
+	size = data_size;
+	rc = secvar_get(key, key_len, temp, &size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(0 == memcmp("foobar", var->data, size));
+
+	// Test buffer too small
+	size = data_size / 2;
+	memset(temp, 0, 100);
+	rc = secvar_get(key, key_len, temp, &size);
+	ASSERT(rc == OPAL_PARTIAL);
+
+	size = 0;
+	rc = secvar_get(key, key_len, temp, &size);
+	ASSERT(rc == OPAL_PARTIAL);
+	ASSERT(size == data_size);
+
+	// Test size query w/ no data
+	size = 0;
+	rc = secvar_get(key, key_len, NULL, &size);
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(size == data_size);
+
+	/**** Error/Bad param cases ****/
+	// NULL key
+	rc = secvar_get(NULL, key_len, data, &data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	// zero key_len
+	rc = secvar_get(key, 0, data, &data_size);
+	ASSERT(rc == OPAL_PARAMETER);
+	// NULL size, valid data
+	rc = secvar_get(key, key_len, data, NULL);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	secvar_enabled = 0;
+	rc = secvar_get(key, key_len, data, &data_size);
+	ASSERT(rc == OPAL_UNSUPPORTED);
+	secvar_enabled = 1;
+
+	secvar_ready = 0;
+	rc = secvar_get(key, key_len, data, &data_size);
+	ASSERT(rc == OPAL_RESOURCE);
+	secvar_ready = 1;
+
+	list_del(&node->link);
+
+	free(data);
+	free(temp);
+
+	return 0;
+}
diff --git a/libstb/secvar/test/secvar-test-nextvar.c b/libstb/secvar/test/secvar-test-nextvar.c
new file mode 100644
index 00000000..79859195
--- /dev/null
+++ b/libstb/secvar/test/secvar-test-nextvar.c
@@ -0,0 +1,132 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "secvar_api_test.c"
+
+const char *secvar_test_name = "nextvar";
+
+int run_test(void)
+{
+	int64_t rc;
+
+	struct secvar *tmpvar;
+	struct secvar_node *tmpnode;
+
+	char key[1024] = {0};
+	uint64_t key_len = 16;
+
+
+	// Load up the bank with some variables.
+	// If these fail, we have bigger issues.
+	ASSERT(list_length(&variable_bank) == 0);
+	tmpvar = zalloc(sizeof(struct secvar) + 6);
+	tmpnode = zalloc(sizeof(struct secvar_node));
+	memcpy(tmpvar->key, "test1", 6); // ascii w/ null
+	tmpvar->key_len = 6;
+	tmpnode->var = tmpvar;
+	list_add_tail(&variable_bank, &tmpnode->link);
+	ASSERT(list_length(&variable_bank) == 1);
+
+	tmpvar = zalloc(sizeof(struct secvar) + 5);
+	tmpnode = zalloc(sizeof(struct secvar_node));
+	memcpy(tmpvar->key, "test2", 5); // ascii w/o null
+	tmpvar->key_len = 5;
+	tmpnode->var = tmpvar;
+	list_add_tail(&variable_bank, &tmpnode->link);
+	ASSERT(list_length(&variable_bank) == 2);
+
+	tmpvar = zalloc(sizeof(struct secvar) + 5*2);
+	tmpnode = zalloc(sizeof(struct secvar_node));
+	memcpy(tmpvar->key, L"test3", 5*2); // wide char "unicode"
+	tmpvar->key_len = 10;
+	tmpnode->var = tmpvar;
+	list_add_tail(&variable_bank, &tmpnode->link);
+	ASSERT(list_length(&variable_bank) == 3);
+
+	// Test sequential nexts
+	// first item
+	memset(key, 0, sizeof(key));
+	key_len = 0;
+	rc = secvar_get_next(key, &key_len, sizeof(key));
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(key_len == 6);
+	ASSERT(!memcmp(key, "test1", key_len));
+
+	// second item
+	rc = secvar_get_next(key, &key_len, sizeof(key));
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(key_len == 5);
+	ASSERT(!memcmp(key, "test2", key_len));
+
+	// last item
+	rc = secvar_get_next(key, &key_len, sizeof(key));
+	ASSERT(rc == OPAL_SUCCESS);
+	ASSERT(key_len == 5*2);
+	ASSERT(!memcmp(key, L"test3", key_len));
+
+	// end-of-list
+	rc = secvar_get_next(key, &key_len, sizeof(key));
+	ASSERT(rc == OPAL_EMPTY);
+
+
+	memset(key, 0, sizeof(key));
+	/*** Time for a break to test bad parameters ***/
+	// null key
+	rc = secvar_get_next(NULL, &key_len, 1024);
+	ASSERT(rc == OPAL_PARAMETER);
+	// Size too small
+	key_len = 0;
+	rc = secvar_get_next(key, &key_len, 1);
+	ASSERT(rc == OPAL_PARTIAL);
+	ASSERT(key_len == 6);
+	// Supplied key length is larger than the buffer
+	key_len = 6;
+	rc = secvar_get_next(key, &key_len, 1);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	// NULL key_len pointer
+	rc = secvar_get_next(key, NULL, 1024);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	// NULL key_len pointer
+	key_len = ~0;
+	rc = secvar_get_next(key, &key_len, 1024);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	// zero key_len
+	key_len = 0;
+	rc = secvar_get_next(key, &key_len, 0);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	// Non-existing previous variable
+	key_len = 1024;
+	memcpy(key, L"foobar", 7*2);
+	rc = secvar_get_next(key, &key_len, 1024);
+	ASSERT(rc == OPAL_PARAMETER);
+
+	secvar_enabled = 0;
+	rc = secvar_get_next(key, &key_len, 1024);
+	ASSERT(rc == OPAL_UNSUPPORTED);
+	secvar_enabled = 1;
+
+	secvar_ready = 0;
+	rc = secvar_get_next(key, &key_len, 1024);
+	ASSERT(rc == OPAL_RESOURCE);
+	secvar_ready = 1;
+
+	clear_bank_list(&variable_bank);
+
+	return 0;
+}
diff --git a/libstb/secvar/test/secvar-test-void.c b/libstb/secvar/test/secvar-test-void.c
new file mode 100644
index 00000000..45b8f449
--- /dev/null
+++ b/libstb/secvar/test/secvar-test-void.c
@@ -0,0 +1,24 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "secvar_api_test.c"
+
+const char *secvar_test_name = "void";
+
+int run_test()
+{
+	// Do nothing... ensure testing framework is...working.
+	return 0;
+}
diff --git a/libstb/secvar/test/secvar_api_test.c b/libstb/secvar/test/secvar_api_test.c
new file mode 100644
index 00000000..62137b01
--- /dev/null
+++ b/libstb/secvar/test/secvar_api_test.c
@@ -0,0 +1,91 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include "secvar_common_test.c"
+
+
+// Hack to include the code we actually want to test here...
+#include "../secvar_api.c"
+#include "../secvar_util.c"
+
+// Stuff from secvar_main that we need, but not enough to
+// include that file
+int secvar_enabled = 0;
+int secvar_ready = 0;
+
+
+/**** Helper wrappers, so the caller doesn't have to cast ****/
+
+static int64_t secvar_get(const char *k_key, uint64_t k_key_len, void *k_data, uint64_t *k_data_size)
+{
+	return opal_secvar_get( k_key,
+				 k_key_len,
+				 k_data,
+				 k_data_size);
+}
+
+static int64_t secvar_get_next(char *k_key, uint64_t *k_key_len, uint64_t k_key_size)
+{
+
+	return opal_secvar_get_next( k_key,
+					k_key_len,
+					k_key_size);
+}
+
+
+
+static int64_t secvar_enqueue(const char *k_key, uint64_t k_key_len, void *k_data, uint64_t k_data_size)
+{
+	return opal_secvar_enqueue_update(k_key,
+				k_key_len,
+				k_data,
+				k_data_size);
+
+}
+
+
+
+// Entry point
+// TODO: do some real argparsing
+int main(int argc, char **argv)
+{
+	int ret;
+
+	(void) secvar_get;
+	(void) secvar_get_next;
+	(void) secvar_enqueue;
+	(void) argc;
+	(void) argv;
+
+        secvar_enabled = 1;
+
+        list_head_init(&variable_bank);
+        list_head_init(&update_bank);
+
+	secvar_ready = 1;
+
+	printf("Running test '%s'...", secvar_test_name);
+	ret = run_test();
+	if (ret)
+		printf(COLOR_RED "FAILED" COLOR_RESET "\n");
+	else
+		printf(COLOR_GREEN "OK" COLOR_RESET "\n");
+
+	// Clean up for the test cases
+	clear_bank_list(&variable_bank);
+	clear_bank_list(&update_bank);
+
+	return ret;
+}
diff --git a/libstb/secvar/test/secvar_common_test.c b/libstb/secvar/test/secvar_common_test.c
new file mode 100644
index 00000000..e5bbffaf
--- /dev/null
+++ b/libstb/secvar/test/secvar_common_test.c
@@ -0,0 +1,62 @@ 
+/* Copyright 2019 IBM Corp.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define SECBOOT_FILE "secboot.img"
+#define SECBOOT_SIZE 128000
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <skiboot.h>
+#include <ccan/list/list.h>
+#include <stdarg.h>
+
+// Force p9
+enum proc_gen proc_gen = proc_gen_p9;
+
+// Replace memalign with regular old malloc
+#define memalign(a, b) malloc(b)
+#define zalloc(a) calloc(1, a)
+
+
+
+struct list_head variable_bank;
+struct list_head update_bank;
+
+struct secvar_storage_driver secvar_storage;
+
+
+// For log file output instead of stdout
+FILE *outfile;
+
+#ifndef NO_COLOR
+#define COLOR_RED	"\033[0;31m"
+#define COLOR_GREEN	"\033[1;32m"
+#define COLOR_RESET	"\033[0m"
+#else
+#define COLOR_RED	""
+#define COLOR_GREEN	""
+#define COLOR_RESET	""
+#endif
+
+// Helper functions and macros to make test case writing easier
+
+// Semi-configurable assert, can use to jump to a clean up step on fail
+#define ASSERT_POST(a,b) if(!(a)){fprintf(stdout, "Assert '%s' failed at %s:%d...", #a, __FILE__, __LINE__);b;}
+#define ASSERT(a) ASSERT_POST(a, return 1)
+
+// To be defined by test case
+int run_test(void);
+const char *secvar_test_name;