Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 30f646518b7700a508574257597598bb48cff4c6 / . / test / py / tests / test_fit_hashes.py
blob: e228ea96d31735aa3bea724b37aaaa71dc2088c5 [file] [log] [blame]
Alexandru Gagniuc16521e72021-09-15 14:33:01 -0500[diff] [blame]1# SPDX-License-Identifier: GPL-2.0+
2#
3# Copyright (c) 2021 Alexandru Gagniuc <mr.nuke.me@gmail.com>
4
5"""
6Check hashes produced by mkimage against known values
7
8This test checks the correctness of mkimage's hashes. by comparing the mkimage
9output of a fixed data block with known good hashes.
10This test doesn't run the sandbox. It only checks the host tool 'mkimage'
11"""
12
13import pytest
14import u_boot_utils as util
15
16kernel_hashes = {
17 "sha512" : "f18c1486a2c29f56360301576cdfce4dfd8e8e932d0ed8e239a1f314b8ae1d77b2a58cd7fe32e4075e69448e623ce53b0b6aa6ce5626d2c189a5beae29a68d93",
18 "sha384" : "16e28976740048485d08d793d8bf043ebc7826baf2bc15feac72825ad67530ceb3d09e0deb6932c62a5a0e9f3936baf4",
19 "sha256" : "2955c56bc1e5050c111ba6e089e0f5342bb47dedf77d87e3f429095feb98a7e5",
20 "sha1" : "652383e1a6d946953e1f65092c9435f6452c2ab7",
21 "md5" : "4879e5086e4c76128e525b5fe2af55f1",
22 "crc32" : "32eddfdf",
23 "crc16-ccitt" : "d4be"
24}
25
26class ReadonlyFitImage(object):
27 """ Helper to manipulate a FIT image on disk """
28 def __init__(self, cons, file_name):
29 self.fit = file_name
30 self.cons = cons
31 self.hashable_nodes = set()
32
33 def __fdt_list(self, path):
34 return util.run_and_log(self.cons, f'fdtget -l {self.fit} {path}')
35
36 def __fdt_get(self, node, prop):
37 val = util.run_and_log(self.cons, f'fdtget {self.fit} {node} {prop}')
38 return val.rstrip('\n')
39
40 def __fdt_get_sexadecimal(self, node, prop):
41 numbers = util.run_and_log(self.cons, f'fdtget -tbx {self.fit} {node} {prop}')
42
43 sexadecimal = ''
44 for num in numbers.rstrip('\n').split(' '):
45 sexadecimal += num.zfill(2)
46 return sexadecimal
47
48 def find_hashable_image_nodes(self):
49 for node in self.__fdt_list('/images').split():
50 # We only have known hashes for the kernel node
51 if 'kernel' not in node:
52 continue
53 self.hashable_nodes.add(f'/images/{node}')
54
55 return self.hashable_nodes
56
57 def verify_hashes(self):
58 for image in self.hashable_nodes:
59 algos = set()
60 for node in self.__fdt_list(image).split():
61 if "hash-" not in node:
62 continue
63
64 raw_hash = self.__fdt_get_sexadecimal(f'{image}/{node}', 'value')
65 algo = self.__fdt_get(f'{image}/{node}', 'algo')
66 algos.add(algo)
67
68 good_hash = kernel_hashes[algo]
69 if good_hash != raw_hash:
70 raise ValueError(f'{image} Borked hash: {algo}');
71
72 # Did we test all the hashes we set out to test?
73 missing_algos = kernel_hashes.keys() - algos
74 if (missing_algos):
75 raise ValueError(f'Missing hashes from FIT: {missing_algos}')
76
77
78@pytest.mark.buildconfigspec('hash')
79@pytest.mark.requiredtool('dtc')
80@pytest.mark.requiredtool('fdtget')
81@pytest.mark.requiredtool('fdtput')
82def test_mkimage_hashes(u_boot_console):
83 """ Test that hashes generated by mkimage are correct. """
84
85 def assemble_fit_image(dest_fit, its, destdir):
86 dtc_args = f'-I dts -O dtb -i {destdir}'
87 util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f', its, dest_fit])
88
89 def dtc(dts):
90 dtb = dts.replace('.dts', '.dtb')
91 util.run_and_log(cons, f'dtc {datadir}/{dts} -O dtb -o {tempdir}/{dtb}')
92
93 cons = u_boot_console
94 mkimage = cons.config.build_dir + '/tools/mkimage'
95 datadir = cons.config.source_dir + '/test/py/tests/vboot/'
96 tempdir = cons.config.result_dir
97 fit_file = f'{tempdir}/test.fit'
98 dtc('sandbox-kernel.dts')
99
100 # Create a fake kernel image -- Avoid zeroes or crc16 will be zero
101 with open(f'{tempdir}/test-kernel.bin', 'w') as fd:
102 fd.write(500 * chr(0xa5))
103
104 assemble_fit_image(fit_file, f'{datadir}/hash-images.its', tempdir)
105
106 fit = ReadonlyFitImage(cons, fit_file)
107 nodes = fit.find_hashable_image_nodes()
108 if len(nodes) == 0:
109 raise ValueError('FIT image has no "/image" nodes with "hash-..."')
110
111 fit.verify_hashes()