test: Add sandbox TPM boot measurement

Use the sandbox TPM driver to measure some boot images in a unit test case. Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2025-04-21 04:14:34 +00:00 · 2023-10-24 10:43:51 -05:00 · 2023-10-24 10:43:51 -05:00 · 5999ea20fa
commit 5999ea20fa
parent dec166d6b2
7 changed files with 99 additions and 0 deletions
--- a/arch/sandbox/dts/sandbox.dtsi
+++ b/arch/sandbox/dts/sandbox.dtsi
@ -4,11 +4,23 @@
 * and sandbox64 builds.
 */

+#include <config.h>
 #include <dt-bindings/input/input.h>

 #define USB_CLASS_HUB			9

 / {
+	reserved-memory {
+		#address-cells = <1>;
+		#size-cells = <1>;
+		ranges;
+
+		event_log: tcg_event_log {
+			no-map;
+			reg = <(CFG_SYS_SDRAM_SIZE - 0x2000) 0x2000>;
+		};
+	};
+
 	binman {
 	};

@ -342,6 +354,7 @@

 	tpm2 {
 		compatible = "sandbox,tpm2";
+		memory-region = <&event_log>;
 	};

 	triangle {
--- a/arch/sandbox/dts/test.dts
+++ b/arch/sandbox/dts/test.dts
@ -9,6 +9,7 @@

 /dts-v1/;

+#include <config.h>
 #include <dt-bindings/gpio/gpio.h>
 #include <dt-bindings/gpio/sandbox-gpio.h>
 #include <dt-bindings/input/input.h>
@ -68,6 +69,17 @@
 		osd0 = "/osd";
 	};

+	reserved-memory {
+		#address-cells = <1>;
+		#size-cells = <1>;
+		ranges;
+
+		event_log: tcg_event_log {
+			no-map;
+			reg = <(CFG_SYS_SDRAM_SIZE - 0x2000) 0x2000>;
+		};
+	};
+
 	binman: binman {
 	};

@ -1422,6 +1434,7 @@

 	tpm2 {
 		compatible = "sandbox,tpm2";
+		memory-region = <&event_log>;
 	};

 	tpm {
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@ -348,4 +348,5 @@ CONFIG_TEST_FDTDEC=y
 CONFIG_UNIT_TEST=y
 CONFIG_UT_TIME=y
 CONFIG_UT_DM=y
+CONFIG_MEASURED_BOOT=y
 CONFIG_ARM_FFA_TRANSPORT=y
--- a/include/test/suites.h
+++ b/include/test/suites.h
@ -45,6 +45,7 @@ int do_ut_font(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
 int do_ut_lib(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
 int do_ut_loadm(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
 int do_ut_log(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]);
+int do_ut_measurement(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[]);
 int do_ut_mem(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
 int do_ut_optee(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[]);
 int do_ut_overlay(struct cmd_tbl *cmdtp, int flag, int argc,
--- a/test/boot/Makefile
+++ b/test/boot/Makefile
@ -4,6 +4,7 @@

 obj-$(CONFIG_BOOTSTD) += bootdev.o bootstd_common.o bootflow.o bootmeth.o
 obj-$(CONFIG_FIT) += image.o
+obj-$(CONFIG_MEASURED_BOOT) += measurement.o

 obj-$(CONFIG_EXPO) += expo.o
 obj-$(CONFIG_CEDIT) += cedit.o
--- a/test/boot/measurement.c
+++ b/test/boot/measurement.c
@ -0,0 +1,66 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Test for measured boot functions
+ *
+ * Copyright 2023 IBM Corp.
+ * Written by Eddie James <eajames@linux.ibm.com>
+ */
+
+#include <common.h>
+#include <bootm.h>
+#include <malloc.h>
+#include <test/suites.h>
+#include <test/test.h>
+#include <test/ut.h>
+#include <asm/io.h>
+
+#define MEASUREMENT_TEST(_name, _flags)	\
+	UNIT_TEST(_name, _flags, measurement_test)
+
+static int measure(struct unit_test_state *uts)
+{
+	struct bootm_headers images;
+	const size_t size = 1024;
+	u8 *kernel;
+	u8 *initrd;
+	size_t i;
+
+	kernel = malloc(size);
+	initrd = malloc(size);
+
+	images.os.image_start = map_to_sysmem(kernel);
+	images.os.image_len = size;
+
+	images.rd_start = map_to_sysmem(initrd);
+	images.rd_end = images.rd_start + size;
+
+	images.ft_addr = malloc(size);
+	images.ft_len = size;
+
+	env_set("bootargs", "measurement testing");
+
+	for (i = 0; i < size; ++i) {
+		kernel[i] = 0xf0 | (i & 0xf);
+		initrd[i] = (i & 0xf0) | 0xf;
+		images.ft_addr[i] = i & 0xff;
+	}
+
+	ut_assertok(bootm_measure(&images));
+
+	free(images.ft_addr);
+	free(initrd);
+	free(kernel);
+
+	return 0;
+}
+MEASUREMENT_TEST(measure, 0);
+
+int do_ut_measurement(struct cmd_tbl *cmdtp, int flag, int argc,
+		      char *const argv[])
+{
+	struct unit_test *tests = UNIT_TEST_SUITE_START(measurement_test);
+	const int n_ents = UNIT_TEST_SUITE_COUNT(measurement_test);
+
+	return cmd_ut_category("measurement", "measurement_test_", tests,
+			       n_ents, argc, argv);
+}
--- a/test/cmd_ut.c
+++ b/test/cmd_ut.c
@ -99,6 +99,10 @@ static struct cmd_tbl cmd_ut_sub[] = {
 #if CONFIG_IS_ENABLED(UT_UNICODE) && !defined(API_BUILD)
 	U_BOOT_CMD_MKENT(unicode, CONFIG_SYS_MAXARGS, 1, do_ut_unicode, "", ""),
 #endif
+#ifdef CONFIG_MEASURED_BOOT
+	U_BOOT_CMD_MKENT(measurement, CONFIG_SYS_MAXARGS, 1, do_ut_measurement,
+			 "", ""),
+#endif
 #ifdef CONFIG_SANDBOX
 	U_BOOT_CMD_MKENT(compression, CONFIG_SYS_MAXARGS, 1, do_ut_compression,
 			 "", ""),