When a timeout occurs while executing a command a 'Lab failure' message is
written and testing is stopped. The user is left in the dark about the
failure cause.
! _pytest.outcomes.Exit: Lab failure: Marking connection bad - no other tests will run !
Add the word 'Timeout' and the executed command to the message.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
When a timeout occurs while executing a command a 'Boot fail' message is
written and testing is stopped. The user is left in the dark about the
failure cause.
! _pytest.outcomes.Exit: Boot fail: Marking connection bad - no other tests will run !
Add the executed command to the message.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
While the dd command actually writes to the block device the truncate
command only updates the metadata (at least on ext4). This is faster and
reduces wear on the block device.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
Signed-off-by: Tom Rini <trini@konsulko.com>
FIXME: Reword more
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
The main change here is that our mount point directory has changed from
"test_efi_capsule" to "scratch" and so we need to update other functions
too. As the disk image that we get created doesn't have a GPT, invoke
sgdisk to do a conversion first.
Signed-off-by: Tom Rini <trini@konsulko.com>
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
As this test already had a number of internal functions, add a
prepare_image function to do this part of the test.
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
Signed-off-by: Tom Rini <trini@konsulko.com>
While we can be passed an image size to use, we always called qemu-img
with 20M as the size. Fix this by using the size parameter.
Signed-off-by: Tom Rini <trini@konsulko.com>
The generic function in test_ut.py to create a disk image with partition
table can be useful outside of test_ut.py so move it to be available
more clearly.
To make this a bit more easily used library function, make use of
check_call directly rather than calling things though u_boot_utils. In
turn, to more easily handle stdin here, use the shell "printf" utility
to pass sfdisk the specification to create as we do not have an actual
file descriptor to use here.
Signed-off-by: Tom Rini <trini@konsulko.com>
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
Signed-off-by: Tom Rini <trini@konsulko.com>
The problem with using "virt-make-fs" to make a filesystem image is that
it is extremely slow. Switch to using the fs_helper functions we have
instead from the filesystem tests as these can add files to images and
are significantly faster and still do not require root access.
Signed-off-by: Tom Rini <trini@konsulko.com>
Add sandbox64_lwip_defconfig based on sandbox64_defconfig with NET_LWIP
enabled.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 886d38a54d)
Now that the DSA tests in test/dm/dsa.c are compatible with NET_LWIP,
remove the dependency of DM_DSA on NET.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit ca8db26928)
Convert the tests to use the do_ping() interface which is now
common to NET and NET_LWIP. This allows running most network test with
SANDBOX and NET_LWIP. A few things to note though:
1. The ARP and IPv6 tests are enabled for NET only
2. The net_retry test is modified to use eth0 (eth@10002000) as the
active (but disabled) interface, and therefore we expect eth1
(eth@10003000) to be the fallback when "netretry" is "yes". This is in
replacement of eth7 (lan1) and eth0 (eth@10002000) respectively.
Indeed, it seems eth7 works with NET by chance and it certainly does not
work with NET_LWIP. I observed that even with NET,
sandbox_eth_disable_response(1, true) has no effect: remove it and
the test still passes. The interface ID is not correct to begin with; 1
corresponds to eth1 (eth@10003000) as shown by debug traces, it is not
eth7 (lan1). And using index 7 causes a SEGV. In fact, it is not the
call to sandbox_eth_disable_response() that prevents the stack from
processing the ICMP reply but the timeout caused by the call to
sandbox_eth_skip_timeout(). Here is what happens when trying to ping
using the eth7 (lan1) interface with NET:
do_ping(...)
net_loop(PING)
ping_start()
eth_rx()
sb_eth_recv()
time_test_add_offset(11000UL);
if (get_timer(0) - time_start > time_delta)
ping_timeout_handler() // ping error, as expected
And the same with NET_LWIP:
do_ping(...)
ping_loop(...)
sys_check_timeouts()
net_lwip_rx(...)
sb_eth_recv()
time_test_add_offset(11000UL);
netif->input(...) // the packet is processed succesfully
By choosing eth0 and sandbox_eth_disable_response(0, true), the incoming
packet is indeed discarded and things work as expected with both network
stacks.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 58ea7c3b50)
Make the do_ping() function in cmd/net.c a global one by getting rid of
the static qualifier, and move the prototype declaration from net-lwip.h
to net-common.h. This makes the function available to other parts of
U-Boot when CONFIG_NET=y, as was already the case when
CONFIG_NET_LWIP=y.
This is a peparation step to make the sandbox tests use a common API
between NET and NET_LWIP.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 1f907e559d)
The tests in test/dm/eth.c and test/dm/dsa.c use interfaces that have
no static IP addresses configured in the board's default environment
file. That will be a problem when NET_LWIP=y because the lwIP stack
refuses to send ICMP packets through an interface that doesn't have an
IP ("no route to host"). Therefore and in preparation for enabling the
sandbox tests with NET_LWIP, provide such addresses in
board/sandbox/sandbox.env.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 1772c85f7a)
Make the sandbox mock ethernet driver (drivers/net/sandbox.c) compatible
with NET_LWIP by not relying on any of the structures or functions
defined in net-legacy.h. This is done by providing local definitions of
the various protocol structures (Ethernet, ARP, IPv4, ICMP). Drop the
stub driver that was introduced specifically for NET_LWIP
(drivers/net/sandbox-lwip.c).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 94289e291f)
When the sandbox timer is available, use it. This allows skipping
time in the tests (sandbox_eth_skip_timeout()).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit bebe7fe3ee)
Use net_start_again() in do_ping() to determine if a failed ping should
be restarted on a different interface.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 7156533162)
Implement net_start_again() when NET_LWIP=y in a very similar way to
NET. This will be used in a future commit to determine if a failed
ping needs to be tried again on a different interface.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 761fe6719c)
The things that are done prior to executing a network command with
NET_LWIP are not consistent with what is done with NET. It impacts the
selection of the current device, and more precisely if the active device
is invalid NET would return an error while NET_LWIP would try to pick a
new device. This incorrect behavior was detected thanks to the eth_rotate
sandbox test (dm_test_eth_rotate()).
Fix it by re-using a sequence similar to what NET has in net_loop().
This piece of code is inserted in a function called net_lwip_eth_start()
renamed from net_lwip_eth_set_current().
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 5666865dec)
do_ping() expects ping_loop() to return a negative value on error, so
that it can propagate it to the caller as CMD_RET_FAILURE. This is not
the case when no ethernet device is found, so fix that.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
(cherry picked from commit 42df30a210)
Move the initialization of the ethernet devices out of the new_netif()
function. Indeed, new_netif() accepts a struct device argument, which
is expected to be valid and active. The activation and selection of
this device are achieved by eth_init() (on first time the network
stack is used) and eth_set_current(). This is what takes care of the
ethrotate and ethact environment variables. Therefore, move these calls
to a new function: net_lwip_set_current(), and use it whenever a
net-lwip command is run.
This patch hopefully fixes the incorrect net-lwip behavior observed on
boards with multiple ethernet interfaces [1].
Tested on an i.MX8MPlus EVK equipped wih two ethernet ports. The dhcp
command succeeds whether the cable is plugged into the first or second
port.
[1] https://lists.denx.de/pipermail/u-boot/2025-January/576326.html
Reported-by: E Shattow <e@freeshell.de>
Tested-by: E Shattow <e@freeshell.de>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
(cherry picked from commit 9f6b9f57fe)
initr_net() initalizes the network devices by calling eth_initalize().
There is no good reason to disable this if no command line interface is
present.
Let initr_net() depend on CONFIG_NET || CONFIG_NET_LWIP.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
(cherry picked from commit fd7607be62)
CMD_PXE is already under CMD_NET in Kconfig that's why make no sense to
have another ifdef inside source code.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Reviewed-by: Quentin Schulz <quentin.schulz@cherry.de>
(cherry picked from commit f79db892fc)
!A || (A && B) is equivalent to !A || B
Drop the middle expression from the statement
Signed-off-by: Bryan Brattlof <bb@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
(cherry picked from commit 473032619f)
In IPv6, the broadcast MAC address is not used. Instead, it should use
the multicast address (see RFC RFC2464).
Add IPV6_ALL_NODE_ETH_ADDR macro for clarity.
Signed-off-by: Sean Edmond <seanedmond@microsoft.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
(cherry picked from commit 9a6964e419)
Update SPI negative tests to prevent SF command from overwriting the
reserved memory area.
Signed-off-by: Love Kumar <love.kumar@amd.com>
(cherry picked from commit 140e1d7fc3)
With a newer pylint we get a warning about how offset could be used
before assigned. This is because when the underlying filesystem wasn't
one that is supported we would have runtime test failures. Address this
by raise'ing an Exception if fs is not supported.
Signed-off-by: Tom Rini <trini@konsulko.com>
USB tests on ext partitions can fail with the following output
test/py/tests/test_usb.py:245: in test_usb_part
'fstype usb %d:%d' % i, part_id
E TypeError: not enough arguments for format string
So add brackets around the format string arguments to prevent the
error.
Fixes: a730947974 ("test/py: usb: Distinguish b/w ext2/ext4 partitions")
Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
Reviewed-by: Marek Vasut <marex@denx.de>
Reviewed-by: Love Kumar <love.kumar@amd.com>
(cherry picked from commit eaa51d0fda)
With a newer pylint version we get a warning about how mounted_test_fn
could be used before assignment. Evaluating the code, this can't happen
because we check for "not have_writable_fs_partition" and return before
moving to the part of the tests which use mounted_test_fn. However, we
should instead have this written so that we only try this part of the
test if have_writable_fs_partition is set, and this also fixes the
warning. As part of this we also move test_f and mounted_test_fn to the
section of code that already only does this if
have_writable_fs_partition is set.
Signed-off-by: Tom Rini <trini@konsulko.com>
(cherry picked from commit 203d3a9fc7)
getopt_long() expects a NULL-terminated list of structures. The current
list in mkimage does not have a zero-filled structure at the end, which
can cause getopt_long() to walk past the end of the array when passing
an unknown option, causing a segmentation fault.
As a reproducer, the following command causes a segmentation fault
(tested in Debian 12):
mkimage --foobar
Signed-off-by: Carlos López <carlos.lopezr4096@gmail.com>
Using some form of sandbox with Python modules is a long standing best
practice with the language. There are a number of ways to have a Python
sandbox be created. At this point in time, it seems the Python community
is moving towards using the "venv" module provided with Python rather
than a separate tool. To match that we make the following changes:
- Refer to a "Python sandbox" rather than virtualenv in comments, etc.
- Install the python3-venv module in our container and not virtualenv.
- In our CI files, invoke "python -m venv" rather than "virtualenv".
- In documentation, tell users to install python3-venv and not
virtualenv.
Signed-off-by: Tom Rini <trini@konsulko.com>
Add support for generating Rockchip Boot Image for RK3528.
Similar to RK3568, the RK3528 has 64 KiB SRAM and 4 KiB of it is
reserved for BootROM.
Signed-off-by: Yifeng Zhao <yifeng.zhao@rock-chips.com>
Signed-off-by: Jonas Karlman <jonas@kwiboo.se>
Reviewed-by: Kever Yang <kever.yang@rock-chips.com>
With the switch to using GCC 14.2.0 in commit 001bac5f16 ("Dockerfile:
Update to gcc-14.2.0 and clang-18") in CI, we should make buildman match
this.
Signed-off-by: Tom Rini <trini@konsulko.com>
It is confusing to have both "$(PHASE_)" and "$(XPL_)" be used in our
Makefiles as part of the macros to determine when to do something in our
Makefiles based on what phase of the build we are in. For consistency,
bring this down to a single macro and use "$(PHASE_)" only.
Signed-off-by: Tom Rini <trini@konsulko.com>
On PowerPC platforms with TPL enabled and SPL_SYS_NS16550_SERIAL
enabled, today this builds under TPL as well due to how $(XPL_) is
defined. Add the TPL_SYS_NS16550_SERIAL itself for consistency and
clarity.
Signed-off-by: Tom Rini <trini@konsulko.com>
Currently this platform implicity builds CONFIG_TPL_DM_I2C support
without setting the symbol. Add it for clarity.
Signed-off-by: Tom Rini <trini@konsulko.com>
Using HTTPS without root (CA) certificates is a security issue. Print a
warning in this case. Also, when certificate verification fail, print
an additional message because "HTTP client error 4" is not very
informative (4 is HTTPC_RESULT_ERR_CLOSED).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Instead of relying on some build time configuration to determine if
server certificates need to be checked against CA certificates, do it
based on the availability of such certificates. If no CA is configured
then no check can succeed; on the other hand if we have CA certs then
we should not ignore them. It is always possible to remove the CA certs
(via 'wget cacert 0 0') to force an HTTPS download that would fail
certificate validation.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Find_option() is used to retrieve the block size value in an option
acknowledgment in response to a request containing a block size option
according to RFC2348.
The format of an OACK response is described in RFC2347 as
+-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
| opc | opt1 | 0 | value1 | 0 | optN | 0 | valueN | 0 |
+-------+---~~---+---+---~~---+---+---~~---+---+---~~---+---+
The current implementation of find_option() only works if
* blksize is the first option
* lwip_strnstr() ignores the length parameter,
i.e. is implemented via strstr()
The OACK messages starts with 0x00 0x06. If 'blksize' is the first option,
strstr() reports a match when the first parameter points to 0x06. Adding
the string length of 'blksize' plus 2 to the location of the 0x06 byte
points to the value.
Find_option() would report a match for option 'blksize' if the response
contained an option called 'foo_blksize_bar'. In this case find_option()
would return 'bar' as the value string.
If 'blksize' were the second option, find_option() would return a pointer
to the second character of the value string.
Furthermore find_option() does not detect if the value string is NUL
terminated. This may lead to a buffer overrun.
Provide an implementation that correctly steps from option to option.
Fixes: 27d7ccda94 ("net: lwip: tftp: add support of blksize option to client")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (qemu_arm64_lwip)
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
S/MIME Capabilities (OID: 1.2.840.113549.1.9.15) attributes are
expected to be algorithms but neither data nor MS Inderect Data,
thus the checker for data type is incorrect.
This patch fixes a capsule authentication failure with PKCS#7
message that contains S/MIME capabilities, which formed by the EDK2
GenerateCapsule tool.
S/MIME Capabilities are not common attributes in an EFI capsule,
thus this failure cannot be reproduced with the capsules generated
via mkeficapsule.
Fixes: 7de0d155cc ("mbedtls: add PKCS7 parser porting layer")
Reported-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Refactor the entire kconfig page for mbedtls, adapt mbedtls makefile
and default config file using 'XPL_', in order to have independent
mbedtls kconfig options in U-Boot Proper, SPL, TPL and VPL.
User can choose legacy or mbedtls libraries for them independently.
Set mbedtls native hashing libraries as default when MBEDTLS_LIB,
SPL_MBEDTLS_LIB, TPL_MBEDTLS_LIB or VPL_MBEDTLS_LIB is selected.
If users prefer using U-Boot legacy hashing libraries, please select
MBEDTLS_LIB_HASHING_ALT, SPL_MBEDTLS_LIB_HASHING_ALT,
TPL_MBEDTLS_LIB_HASHING_ALT or VPL_MBEDTLS_LIB_HASHING_ALT for U-Boot
Proper, SPL, TPL and VPL respectively.
Moreover, rename a few kconfig options and update their descriptions to
improve the consistency of terminology.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
