zephyr: Move testplan into sample Makefile
Instead of a bunch of patches that tend to become conflicting, use the
newly parameterized Makefile to make all of the test plans into make
targets. Update the instructions to match this.
Signed-off-by: David Brown <david.brown@linaro.org>
diff --git a/samples/zephyr/Makefile b/samples/zephyr/Makefile
index a2b68b5..ecfd4b4 100644
--- a/samples/zephyr/Makefile
+++ b/samples/zephyr/Makefile
@@ -49,12 +49,16 @@
BOARD ?=
+# We can override the Zephyr configuration for the bootloader by
+# setting this.
+BOOTLOADER_CONFIG ?=
+
.PHONY: check boot hello1 clean_boot clean_hello1 \
hello2 clean_hello2 flash_boot flash_hello1 flash_hello2
# For signing, use the default RSA demo key, to match the default in
# the mcuboot Makefile.
-SIGNING_KEY = ../../root-rsa-2048.pem
+SIGNING_KEY ?= ../../root-rsa-2048.pem
# The header size should match that in hello1/prj.conf
# CONFIG_TEXT_SECTION_OFFSET. This value needs to be a power of two
@@ -92,7 +96,7 @@
boot: check
@rm -f mcuboot.bin
- $(MAKE) -C ../.. BOARD=$(BOARD) -j$(nproc)
+ $(MAKE) -C ../.. BOARD=$(BOARD) -j$(nproc) $(BOOTLOADER_CONFIG)
cp ../../outdir/$(BOARD)/zephyr.bin mcuboot.bin
clean_boot: check
@@ -133,6 +137,9 @@
clean_hello2: check
rm -rf hello-world/outdir/hello2/$(BOARD)
+# These flash_* targets use pyocd to flash the images. The addresses
+# are hardcoded at this time.
+
flash_boot:
$(PYOCD_FLASHTOOL) -ce -a 0 mcuboot.bin
@@ -145,6 +152,139 @@
flash_full:
$(PYOCD_FLASHTOOL) -ce -a 0 full.bin
+# These test- targets reinvoke make with the configuration set to test
+# various configurations. This will generally be followed by using
+# the above flash targets.
+
+# Test a good image, with a good upgrade, using RSA signatures.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello2 runs
+# reset: hello1 runs
+test-good-rsa:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ all
+
+# Test a good image, with a good upgrade, using ECDSA signatures.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello2 runs
+# reset: hello1 runs
+test-good-ecdsa:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ all
+
+# Test (with RSA) that overwrite-only works. This should boot,
+# upgrade correctly, but not revert once the upgrade has been done.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello2 runs
+# reset: hello2 runs
+test-overwrite:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_UPGRADE_ONLY=YES" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_UPGRADE_ONLY=YES" \
+ all
+
+# Test that when configured for RSA, a wrong signature in the upgrade
+# image will fail to upgrade.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello1 runs
+# reset: hello1 runs
+test-bad-rsa-upgrade:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ boot hello1
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ hello2
+
+# Test that when configured for ECDSA, a wrong signature in the upgrade
+# image will fail to upgrade.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello1 runs
+# reset: hello1 runs
+test-bad-ecdsa-upgrade:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ boot hello1
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=../../root-rsa-2048.pem \
+ hello2
+
+# Test that when configured to not validate slot0, we still boot, but
+# don't upgrade.
+# flash_boot: tries to boot and resets
+# flash_hello1: hello1 runs
+# flash_hello2: hello1 runs
+# reset: hello1 runs
+test-no-bootcheck:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_VALIDATE_SLOT0=NO" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_VALIDATE_SLOT0=NO" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ all
+
+# Test a good image, with a wrong-signature upgrade, using RSA signatures.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello1 runs
+# reset: hello1 runs
+test-wrong-rsa:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ boot hello1
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=RSA" \
+ SIGNING_KEY=bad-keys/bad-rsa-2048.pem \
+ hello2
+
+# Test a good image, with a wrong-signature upgrade, using ECDSA signatures.
+# flash_boot: Unable to find bootable image
+# flash_hello1: hello1 runs
+# flash_hello2: hello1 runs
+# reset: hello1 runs
+test-wrong-ecdsa:
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ clean
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=../../root-ec-p256.pem \
+ boot hello1
+ $(MAKE) \
+ BOOTLOADER_CONFIG="CONF_SIGNATURE_TYPE=ECDSA_P256" \
+ SIGNING_KEY=bad-keys/bad-ec-p256.pem \
+ hello2
+
check:
@if [ -z "$$ZEPHYR_BASE" ]; then echo "Zephyr environment not set up"; false; fi
@if [ -z "$(BOARD)" ]; then echo "You must specify BOARD=<board>"; false; fi
diff --git a/samples/zephyr/bad-keys/README.md b/samples/zephyr/bad-keys/README.md
new file mode 100644
index 0000000..621ce96
--- /dev/null
+++ b/samples/zephyr/bad-keys/README.md
@@ -0,0 +1,6 @@
+# Bad keys for testing
+
+This directory contains some alternate keys that can be used for
+testing. Signing the images with either of these keys, but leaving
+the demo keys's public keys in the bootloader should result in it not
+upgrading, or not booting.
diff --git a/samples/zephyr/bad-keys/bad-ec-p256.pem b/samples/zephyr/bad-keys/bad-ec-p256.pem
new file mode 100644
index 0000000..333f41f
--- /dev/null
+++ b/samples/zephyr/bad-keys/bad-ec-p256.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEILmqmiH6y3EGhLkTcnNtU7hZ1wnc51MIL53npseRX7vJoAoGCCqGSM49
+AwEHoUQDQgAEcX9ExNjZfsckp6AdutjPjVJsvP6ZZkKfLsGnRpKR+9OpO9/qmJHs
+ks+ZXo70SEANjWnNlxKNAVci8aUm8UskLw==
+-----END EC PRIVATE KEY-----
diff --git a/samples/zephyr/bad-keys/bad-rsa-2048.pem b/samples/zephyr/bad-keys/bad-rsa-2048.pem
new file mode 100644
index 0000000..755f95b
--- /dev/null
+++ b/samples/zephyr/bad-keys/bad-rsa-2048.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAzXhCIc6kig0DRWEyKj4N8v/bfvh/RmU73Jo0Z0RAFSLnFrE5
+5W5C9tsdDalhN5HV7xBQCzr7GSW1C6MNvtw/lVr4+x4LvgwYD6kl+9IZc5udPIJ1
+R7aLBP2o4r6rJWtCj9Y6bifsMlVkHCONIHDGhp3bSl+9C2EqfwqJENg3mHYyZcbr
+kBfLhILE24T+MhxkPZiI3Ox6XthwT7Is8ZCXF6VCYaK6N8jXAXz8OiEhIpMl3Z3m
+DqxaM0ovSXfXvOfMeKN76iI9m8S4JnPbuzu+/5GdSnNbIxoluzXU7e52FoKgthNM
+2mArAak5x3IqsStY0qDCODSlNnSha9+jfk8ULwIDAQABAoIBAQC7Z6dx7GdY3vuP
+yVIXA1h3vfP2gDKeA3GxCRko4zBL1vTNVsJGx+XeAAYk0suwAp0NGmTXiWlDC4hw
+37yGy55W3I3hhQsSwTck+ZOCdqPuNQ4aBadwzEdKOw5SGbRCQe2JAc1zcYhWdFoF
+7EspPpNkbxB3apEjkvFOxE42Be/XZrwxig1OQJ9DpOhTeV8+jljg6aSzOuQxdR4G
+ZXTzACnb20jnefnwmC5lhZxRWYEXkc96onYIvrDpIMdTzTnTbshJjg5HNPOEEgpF
+U1x2iCRB3tN9QHbzdH/XrnRBr9Yy62SUIDXf4LBqin/pRQPodh9ZM7zanrhzsuiy
+Tro2WKhRAoGBANoAT73haGrUb9ZSdzpu5qOD0eaQZPCIlubRrT5BCXPS2xVIGe+g
+eDaBljdlXDJnKvBqjOVQyU7lrZAIVWgz6qD1HNIQZI30WivXejL4GeoXnAnp/ohh
+1QmjMVvlcGe/22jpDmJa3Qgm4leaUxnxxilO/pQlZzzndBP88Df4/hIJAoGBAPFI
+xBRq0SdBWhSydeEFvm8n37/icrN+V9f/Ka9tbPZcJaowzqQPrAHtu2CBD1JVyo2G
+sKxFy867vCHntFu8zq2KSpCPVyeR+pDvwknr9PDm+DiLScBCGdyKqjBazT5+mHzP
+fKk6nRV8uoNXLZQtnqKJzN61bYrnFaOQx6GZM6J3AoGAUHqA9bY7GAUo7FQxU88R
+Mhg96wIvYWTrYHbToAHefXXAD1E40e/JsUWRsQ2oRas0fOC49wcl6gx8UInjDb7s
+xVL3usz2cjlc+IZpxFs3JeZlYnuRzcNgJFispiJDpul7FHXFK6YjpxjDwldkilVp
+NGLHNOXCAQfpIF/mRqOTGBECgYAmb7kMp5d58WcwNN2iYw/bFTcHkkNDZLUJq5Qw
+ZfYdqMA3RF8ms3hrNjvLO8P9Eb2angI270dwP2fQ3uBUXNdvvb/zF2KC4zZPMGJ6
+9COo3KJeH5I4Fk+YWl6SJWTct74C4+qv6q5rZdswYQrZuAq1Sc5hC/XPUtCXpdCn
+ZYhcMQKBgEHN3ZYe7gOfxR4rqk+OIsAUN9P3zyu6kQzUL1BQ7t7Gwi1dv6+E+BGQ
+vGUt4RGG10g3K9twfhOHnwAiruEk6CK2+1G/ZsGCrPIE21KCcucUCPvzUGhintO+
+b+Q5kAeZFg5CB9b616SY/GvlzPraNx5OZfI8nw39U9do7N/yFiKT
+-----END RSA PRIVATE KEY-----
\ No newline at end of file