Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set auth manifest tests #1829

Closed
wants to merge 14 commits into from
Closed

Set auth manifest tests #1829

wants to merge 14 commits into from

Conversation

mtimkovich
Copy link

No description provided.

mhatrevi and others added 2 commits December 2, 2024 13:44
@mhatrevi
[update] Manifest Based Authorization feature update.
d025425 
This PR  makes the following changes to the feature:
1. Adds a 'firmware id' to the image metadata entry (IME) structure.
2. Reduces max IME limit from 128 to 127 to account for size increase due to the firmware id addition.
3. SET_AUTH_MANIFEST command validates that the IME collection does not contain duplicate firmware ids.
4. SET_AUTH_MANIFEST command sorts the IME on the firmware ids.
5. Adds a new bit to the IME flags named 'SKIP AUTHORIZATION'. If set, AUTHORIZE_AND_STASH command authorizes an IME with a matching firmware id ignoring the image hash.
6. If a firmware id is not found, AUTHORIZE_AND_STASH command returns IMAGE_NOT_AUTHORIZED status code in the command output.
7. If a firmware id is found but the image hash does not match, AUTHORIZE_AND_STASH returns IMAGE_HASH_MISMATCH status code in the command output.
8. If a firmware id is found and the image hash matches or if the 'SKIP AUTHORIZATION' flag is set for the the firmware id, AUTHORIZE_AND_STASH command returns IMAGE_AUTHORIZED status code in the command output.
9. AUTHORIZE_AND_STASH command uses binary search on the firmware id to lookup an IME.
@mtimkovich
set auth manifest tests
925da0a
@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented Dec 3, 2024
edited
Loading

CLA Not Signed

@mhatrevi
[update] Manifest Based Authorization feature update.
44a67de 
This PR  makes the following changes to the feature:
1. Adds a 'firmware id' to the image metadata entry (IME) structure.
2. Reduces max IME limit from 128 to 127 to account for size increase due to the firmware id addition.
3. SET_AUTH_MANIFEST command validates that the IME collection does not contain duplicate firmware ids.
4. SET_AUTH_MANIFEST command sorts the IME on the firmware ids.
5. Adds a new bit to the IME flags named 'SKIP AUTHORIZATION'. If set, AUTHORIZE_AND_STASH command authorizes an IME with a matching firmware id ignoring the image hash.
6. If a firmware id is not found, AUTHORIZE_AND_STASH command returns IMAGE_NOT_AUTHORIZED status code in the command output.
7. If a firmware id is found but the image hash does not match, AUTHORIZE_AND_STASH returns IMAGE_HASH_MISMATCH status code in the command output.
8. If a firmware id is found and the image hash matches or if the 'SKIP AUTHORIZATION' flag is set for the the firmware id, AUTHORIZE_AND_STASH command returns IMAGE_AUTHORIZED status code in the command output.
9. AUTHORIZE_AND_STASH command uses binary search on the firmware id to lookup an IME.
@mhatrevi mhatrevi force-pushed the vmhatre/auth-man-update branch from d025425 to 44a67de Compare December 4, 2024 23:47
mtimkovich and others added 4 commits December 4, 2024 16:07
@mtimkovich
more tests
73128aa
@mtimkovich
Merge branch 'vmhatre/auth-man-update' into mtimkovich/auth-man-update
21348d8
@mtimkovich
set manifest and auth and stash tests
e0e8f89
@mhatrevi
[update] Manifest Based Authorization feature update.
528514d 
This PR  makes the following changes to the feature:
1. Adds a 'firmware id' to the image metadata entry (IME) structure.
2. Reduces max IME limit from 128 to 127 to account for size increase due to the firmware id addition.
3. SET_AUTH_MANIFEST command validates that the IME collection does not contain duplicate firmware ids.
4. SET_AUTH_MANIFEST command sorts the IME on the firmware ids.
5. Adds a new bit to the IME flags named 'SKIP AUTHORIZATION'. If set, AUTHORIZE_AND_STASH command authorizes an IME with a matching firmware id ignoring the image hash.
6. If a firmware id is not found, AUTHORIZE_AND_STASH command returns IMAGE_NOT_AUTHORIZED status code in the command output.
7. If a firmware id is found but the image hash does not match, AUTHORIZE_AND_STASH returns IMAGE_HASH_MISMATCH status code in the command output.
8. If a firmware id is found and the image hash matches or if the 'SKIP AUTHORIZATION' flag is set for the the firmware id, AUTHORIZE_AND_STASH command returns IMAGE_AUTHORIZED status code in the command output.
9. AUTHORIZE_AND_STASH command uses binary search on the firmware id to lookup an IME.
@mhatrevi mhatrevi force-pushed the vmhatre/auth-man-update branch from 44a67de to 528514d Compare December 5, 2024 03:35
mtimkovich and others added 4 commits December 5, 2024 11:34
@mtimkovich
Merge branch 'vmhatre/auth-man-update' into mtimkovich/auth-man-update
6017ae3
@mtimkovich
merge
e0681b8
@mtimkovich
extreme fwids
2eb5139
@mhatrevi
[update] Manifest Based Authorization feature update.
00c08e8 
This PR  makes the following changes to the feature:
1. Adds a 'firmware id' to the image metadata entry (IME) structure.
2. Reduces max IME limit from 128 to 127 to account for size increase due to the firmware id addition.
3. SET_AUTH_MANIFEST command validates that the IME collection does not contain duplicate firmware ids.
4. SET_AUTH_MANIFEST command sorts the IME on the firmware ids.
5. Adds a new bit to the IME flags named 'SKIP AUTHORIZATION'. If set, AUTHORIZE_AND_STASH command authorizes an IME with a matching firmware id ignoring the image hash.
6. If a firmware id is not found, AUTHORIZE_AND_STASH command returns IMAGE_NOT_AUTHORIZED status code in the command output.
7. If a firmware id is found but the image hash does not match, AUTHORIZE_AND_STASH returns IMAGE_HASH_MISMATCH status code in the command output.
8. If a firmware id is found and the image hash matches or if the 'SKIP AUTHORIZATION' flag is set for the the firmware id, AUTHORIZE_AND_STASH command returns IMAGE_AUTHORIZED status code in the command output.
9. AUTHORIZE_AND_STASH command uses binary search on the firmware id to lookup an IME.
@mhatrevi mhatrevi force-pushed the vmhatre/auth-man-update branch from 528514d to 00c08e8 Compare December 5, 2024 21:15
@mtimkovich mtimkovich force-pushed the mtimkovich/auth-man-update branch from bb43842 to 48897e3 Compare December 6, 2024 01:19
@mhatrevi mhatrevi force-pushed the vmhatre/auth-man-update branch 3 times, most recently from 9aa1dea to 6f9a10c Compare December 7, 2024 02:08
@mhatrevi mhatrevi force-pushed the vmhatre/auth-man-update branch from 6f9a10c to bf42787 Compare December 7, 2024 02:31
@mhatrevi
Copy link
Collaborator

These changes are added to vmhatre/auth-man-update branch.

@mhatrevi mhatrevi closed this Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhatrevi mhatrevi mhatrevi left review comments

@jhand2 jhand2 Awaiting requested review from jhand2 jhand2 is a code owner

@fdamato fdamato Awaiting requested review from fdamato fdamato is a code owner

@rusty1968 rusty1968 Awaiting requested review from rusty1968 rusty1968 is a code owner

@bluegate010 bluegate010 Awaiting requested review from bluegate010 bluegate010 is a code owner

@swenson swenson Awaiting requested review from swenson swenson is a code owner

@vsonims vsonims Awaiting requested review from vsonims vsonims is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mtimkovich @mhatrevi @mlvisaya