@@ -906,7 +906,7 @@ config AUTOBOOT_STOP_STR_CRYPT
and saved in the environment variable "bootstopkeycrypt".
config AUTOBOOT_STOP_STR_SHA256
- string "Stop autobooting via SHA256 encrypted password"
+ string "Stop autobooting via SHA256 hashed password"
depends on AUTOBOOT_STOP_STR_ENABLE
help
This option adds the feature to only stop the autobooting,
@@ -763,6 +763,11 @@ int console_record_avail(void)
return membuff_avail((struct membuff *)&gd->console_out);
}
+int console_in_puts(const char *str)
+{
+ return membuff_put((struct membuff *)&gd->console_in, str, strlen(str));
+}
+
#endif
/* test if ctrl-c was pressed */
@@ -284,6 +284,17 @@ CONFIG_EFI_CAPSULE_FIRMWARE_FIT=y
CONFIG_EFI_CAPSULE_FIRMWARE_RAW=y
CONFIG_EFI_SECURE_BOOT=y
CONFIG_TEST_FDTDEC=y
+CONFIG_CRYPT_PW=y
+CONFIG_CRYPT_PW_SHA256=y
+CONFIG_CRYPT_PW_SHA512=y
+CONFIG_AUTOBOOT_KEYED=y
+CONFIG_AUTOBOOT_PROMPT="Enter password \"a\" in %d seconds to stop autoboot\n"
+CONFIG_AUTOBOOT_ENCRYPTION=y
+CONFIG_AUTOBOOT_STOP_STR_ENABLE=y
+# default password "a"
+CONFIG_AUTOBOOT_STOP_STR_CRYPT="$5$rounds=640000$HrpE65IkB8CM5nCL$BKT3QdF98Bo8fJpTr9tjZLZQyzqPASBY20xuK5Rent9"
+CONFIG_AUTOBOOT_NEVER_TIMEOUT=y
+CONFIG_AUTOBOOT_SHA256_FALLBACK_ENABLE=y
CONFIG_UNIT_TEST=y
CONFIG_UT_TIME=y
CONFIG_UT_DM=y
@@ -82,6 +82,17 @@ int console_record_readline(char *str, int maxlen);
* @return available bytes (0 if empty)
*/
int console_record_avail(void);
+
+/**
+ * console_in_puts() - Write a string to the console input buffer
+ *
+ * This writes the given string to the console_in buffer which will then be
+ * returned if a function calls e.g. `getc()`
+ *
+ * @str: the string to write
+ * @return the number of bytes added
+ */
+int console_in_puts(const char *str);
#else
static inline int console_record_init(void)
{
@@ -113,6 +124,12 @@ static inline int console_record_avail(void)
return 0;
}
+static inline int console_in_puts(const char *str)
+{
+ /* There is never anything written */
+ return 0;
+}
+
#endif /* !CONFIG_CONSOLE_RECORD */
/**
new file mode 100644
@@ -0,0 +1,15 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (c) 2019 Heinrich Schuchardt <xypron.glpk@gmx.de>
+ * Copyright (c) 2021 Steffen Jaeckel <jaeckel-floss@eyet-services.de>
+ */
+
+#ifndef __TEST_COMMON_H__
+#define __TEST_COMMON_H__
+
+#include <test/test.h>
+
+/* Declare a new common function test */
+#define COMMON_TEST(_name, _flags) UNIT_TEST(_name, _flags, common_test)
+
+#endif /* __TEST_COMMON_H__ */
@@ -31,6 +31,7 @@ int do_ut_addrmap(struct cmd_tbl *cmdtp, int flag, int argc,
int do_ut_bootm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_bloblist(struct cmd_tbl *cmdtp, int flag, int argc,
char *const argv[]);
+int do_ut_common(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
int do_ut_compression(struct cmd_tbl *cmdtp, int flag, int argc,
char *const argv[]);
int do_ut_dm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
@@ -20,6 +20,7 @@ obj-$(CONFIG_UT_TIME) += time_ut.o
obj-y += ut.o
ifeq ($(CONFIG_SPL_BUILD),)
+obj-$(CONFIG_UNIT_TEST) += common/
obj-$(CONFIG_UNIT_TEST) += lib/
obj-y += log/
obj-$(CONFIG_$(SPL_)UT_UNICODE) += unicode_ut.o
@@ -28,6 +28,7 @@ int cmd_ut_category(const char *name, const char *prefix,
static struct cmd_tbl cmd_ut_sub[] = {
U_BOOT_CMD_MKENT(all, CONFIG_SYS_MAXARGS, 1, do_ut_all, "", ""),
+ U_BOOT_CMD_MKENT(common, CONFIG_SYS_MAXARGS, 1, do_ut_common, "", ""),
#if defined(CONFIG_UT_DM)
U_BOOT_CMD_MKENT(dm, CONFIG_SYS_MAXARGS, 1, do_ut_dm, "", ""),
#endif
new file mode 100644
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: GPL-2.0+
+obj-y += cmd_ut_common.o
+obj-$(CONFIG_AUTOBOOT) += test_autoboot.o
new file mode 100644
@@ -0,0 +1,22 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (c) 2019 Heinrich Schuchardt <xypron.glpk@gmx.de>
+ * Copyright (c) 2021 Steffen Jaeckel <jaeckel-floss@eyet-services.de>
+ *
+ * Unit tests for common functions
+ */
+
+#include <common.h>
+#include <command.h>
+#include <test/common.h>
+#include <test/suites.h>
+#include <test/ut.h>
+
+int do_ut_common(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
+{
+ struct unit_test *tests = UNIT_TEST_SUITE_START(common_test);
+ const int n_ents = UNIT_TEST_SUITE_COUNT(common_test);
+
+ return cmd_ut_category("common", "common_test_", tests, n_ents, argc,
+ argv);
+}
new file mode 100644
@@ -0,0 +1,90 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2021 Steffen Jaeckel
+ *
+ * Unit tests for autoboot functionality
+ */
+
+#include <autoboot.h>
+#include <common.h>
+#include <test/common.h>
+#include <test/test.h>
+#include <test/ut.h>
+
+#include <crypt.h>
+
+static int check_for_input(struct unit_test_state *uts, const char *in,
+ bool correct)
+{
+ /* The bootdelay is set to 1 second in test_autoboot() */
+ const char *autoboot_prompt =
+ "Enter password \"a\" in 1 seconds to stop autoboot";
+
+ console_record_reset_enable();
+ console_in_puts(in);
+ autoboot_command("echo Autoboot password unlock not successful");
+ ut_assert_nextline(autoboot_prompt);
+ if (!correct) {
+ ut_assert_nextline("Autoboot password unlock not successful");
+ }
+ ut_assert_console_end();
+ return 0;
+}
+
+/**
+ * test_autoboot() - unit test for autoboot
+ *
+ * @uts: unit test state
+ * Return: 0 = success, 1 = failure
+ */
+static int test_autoboot(struct unit_test_state *uts)
+{
+ /* make sure that the bootdelay is set to something,
+ * otherwise the called functions will time out
+ */
+ ut_assertok(env_set("bootdelay", "1"));
+ bootdelay_process();
+
+ /* unset all relevant environment variables */
+ env_set("bootstopusesha256", NULL);
+ env_set("bootstopkeycrypt", NULL);
+ env_set("bootstopkeysha256", NULL);
+
+ if (IS_ENABLED(CONFIG_CRYPT_PW_SHA256)) {
+ /* test the default password from CONFIG_AUTOBOOT_STOP_STR_CRYPT */
+ ut_assertok(check_for_input(uts, "a\n", true));
+
+ /* verify that the `bootstopusesha256` variable is treated correctly */
+ ut_assertok(env_set("bootstopusesha256", "false"));
+ /* test a password from the `bootstopkeycrypt` environment variable */
+ ut_assertok(env_set(
+ "bootstopkeycrypt",
+ "$5$rounds=640000$ycgRgpnRq4lmu.eb$aZ6YJWdklvyLML13w7mEHMHJnJOux6aptnp6VlsR5a9"));
+
+ ut_assertok(check_for_input(uts, "test\n", true));
+ }
+
+ if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) {
+ /* test the `bootstopusesha256` and `bootstopkeysha256` features */
+ ut_assertok(env_set("bootstopusesha256", "true"));
+ ut_assertok(env_set(
+ "bootstopkeysha256",
+ "edeaaff3f1774ad2888673770c6d64097e391bc362d7d6fb34982ddf0efd18cb"));
+
+ ut_assertok(check_for_input(uts, "abc\n", true));
+
+ ut_assertok(env_set(
+ "bootstopkeysha256",
+ "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"));
+
+ ut_assertok(check_for_input(uts, "abc", true));
+
+ ut_assertok(check_for_input(uts, "abc\n", true));
+
+ ut_assertok(check_for_input(uts, "abd", false));
+ }
+
+ return CMD_RET_SUCCESS;
+}
+
+COMMON_TEST(test_autoboot, 0);
This adds tests for the crypt-based and plain SHA256-based password hashing algorithms in the autoboot flow. Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de> --- (no changes since v1) common/Kconfig.boot | 2 +- common/console.c | 5 +++ configs/sandbox_defconfig | 11 +++++ include/console.h | 17 +++++++ include/test/common.h | 15 +++++++ include/test/suites.h | 1 + test/Makefile | 1 + test/cmd_ut.c | 1 + test/common/Makefile | 3 ++ test/common/cmd_ut_common.c | 22 +++++++++ test/common/test_autoboot.c | 90 +++++++++++++++++++++++++++++++++++++ 11 files changed, 167 insertions(+), 1 deletion(-) create mode 100644 include/test/common.h create mode 100644 test/common/Makefile create mode 100644 test/common/cmd_ut_common.c create mode 100644 test/common/test_autoboot.c