Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Verify that ROM_EXT rejects a bad ownership configuration. #24468

Open
cfrantz opened this issue Aug 30, 2024 · 0 comments
Open

Verify that ROM_EXT rejects a bad ownership configuration. #24468

cfrantz opened this issue Aug 30, 2024 · 0 comments
Assignees
Labels
Component:RomExt/E2e/Test ROM_EXT end-to-end test Priority:P1 Priority: high Type:Task Tasks, to-do list.

Comments

@cfrantz
Copy link
Contributor

cfrantz commented Aug 30, 2024

  • Start in an locked & owned state with the fake owner as owner.
  • Unlock the chip into the UnlockedAny state using the fake owner unlock key.
  • Upload an owner block for the dummy owner with a corrupted signature.
  • Attempt to activate ownership with the dummy activate key.
  • Confirm the activate is rejected with an OwnershipInvalidInfoPage error.
@cfrantz cfrantz added Component:RomExt/E2e/Test ROM_EXT end-to-end test Priority:P1 Priority: high Type:Task Tasks, to-do list. labels Aug 30, 2024
@cfrantz cfrantz added this to the Earlgrey-PROD.ROM_EXT milestone Aug 30, 2024
@cfrantz cfrantz self-assigned this Aug 30, 2024
cfrantz added a commit to cfrantz/opentitan that referenced this issue Aug 30, 2024
The tests added by this change are all simple variations on
the ownership transfer test added in lowRISC#24419.  They involve verifying the
different modes and error conditions (e.g. using the wrong key).

Adds the following tests:
- `bad_unlock_test`; Fixes lowRISC#24466
- `bad_activate_test`; Fixes lowRISC#24467
- `bad_owner_block_test`; Fixes lowRISC#24468
- `bad_app_key_test`; Fixes lowRISC#24469
- `transfer_endorsed_test`; Fixes lowRISC#24470
- `bad_endorsee_test`; Fixes lowRISC#24471
- `locked_update_test`; Fixes lowRISC#24472
- `bad_locked_update_test` & `bad_locked_update_no_exec_test`; Fixes lowRISC#24473

Signed-off-by: Chris Frantz <cfrantz@google.com>
cfrantz added a commit to cfrantz/opentitan that referenced this issue Sep 3, 2024
The tests added by this change are all simple variations on
the ownership transfer test added in lowRISC#24419.  They involve verifying the
different modes and error conditions (e.g. using the wrong key).

Adds the following tests:
- `bad_unlock_test`; Fixes lowRISC#24466
- `bad_activate_test`; Fixes lowRISC#24467
- `bad_owner_block_test`; Fixes lowRISC#24468
- `bad_app_key_test`; Fixes lowRISC#24469
- `transfer_endorsed_test`; Fixes lowRISC#24470
- `bad_endorsee_test`; Fixes lowRISC#24471
- `locked_update_test`; Fixes lowRISC#24472
- `bad_locked_update_test` & `bad_locked_update_no_exec_test`; Fixes lowRISC#24473

Signed-off-by: Chris Frantz <cfrantz@google.com>
cfrantz added a commit that referenced this issue Sep 4, 2024
The tests added by this change are all simple variations on
the ownership transfer test added in #24419.  They involve verifying the
different modes and error conditions (e.g. using the wrong key).

Adds the following tests:
- `bad_unlock_test`; Fixes #24466
- `bad_activate_test`; Fixes #24467
- `bad_owner_block_test`; Fixes #24468
- `bad_app_key_test`; Fixes #24469
- `transfer_endorsed_test`; Fixes #24470
- `bad_endorsee_test`; Fixes #24471
- `locked_update_test`; Fixes #24472
- `bad_locked_update_test` & `bad_locked_update_no_exec_test`; Fixes #24473

Signed-off-by: Chris Frantz <cfrantz@google.com>
github-actions bot pushed a commit that referenced this issue Oct 29, 2024
The tests added by this change are all simple variations on
the ownership transfer test added in #24419.  They involve verifying the
different modes and error conditions (e.g. using the wrong key).

Adds the following tests:
- `bad_unlock_test`; Fixes #24466
- `bad_activate_test`; Fixes #24467
- `bad_owner_block_test`; Fixes #24468
- `bad_app_key_test`; Fixes #24469
- `transfer_endorsed_test`; Fixes #24470
- `bad_endorsee_test`; Fixes #24471
- `locked_update_test`; Fixes #24472
- `bad_locked_update_test` & `bad_locked_update_no_exec_test`; Fixes #24473

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 4d520bd)
moidx pushed a commit that referenced this issue Oct 30, 2024
The tests added by this change are all simple variations on
the ownership transfer test added in #24419.  They involve verifying the
different modes and error conditions (e.g. using the wrong key).

Adds the following tests:
- `bad_unlock_test`; Fixes #24466
- `bad_activate_test`; Fixes #24467
- `bad_owner_block_test`; Fixes #24468
- `bad_app_key_test`; Fixes #24469
- `transfer_endorsed_test`; Fixes #24470
- `bad_endorsee_test`; Fixes #24471
- `locked_update_test`; Fixes #24472
- `bad_locked_update_test` & `bad_locked_update_no_exec_test`; Fixes #24473

Signed-off-by: Chris Frantz <cfrantz@google.com>
(cherry picked from commit 4d520bd)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Component:RomExt/E2e/Test ROM_EXT end-to-end test Priority:P1 Priority: high Type:Task Tasks, to-do list.
Projects
None yet
Development

No branches or pull requests

1 participant