From c44ffc30846fdfa7cf814316d24dfecd2c22b0ae Mon Sep 17 00:00:00 2001 From: Arthur Heymans Date: Thu, 17 Jun 2021 13:01:58 +0200 Subject: [PATCH] security/intel/cbnt: Build test CBnT provisioning This updates the intel-sec-tools submodule pointer to include a fake acm binary to be included for buildtesting. Change-Id: Id4a9e177f71306b8c5538a578da229a53d19487a Signed-off-by: Arthur Heymans Reviewed-on: https://review.coreboot.org/c/coreboot/+/55609 Tested-by: build bot (Jenkins) Reviewed-by: Angel Pons --- 3rdparty/intel-sec-tools | 2 +- configs/config.ocp_deltalake_cbnt | 8 ++++++++ util/testing/Makefile.inc | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 configs/config.ocp_deltalake_cbnt diff --git a/3rdparty/intel-sec-tools b/3rdparty/intel-sec-tools index ae3a2cfb27..0031ac7344 160000 --- a/3rdparty/intel-sec-tools +++ b/3rdparty/intel-sec-tools @@ -1 +1 @@ -Subproject commit ae3a2cfb27eb18176d6a19720327f3f0c839de43 +Subproject commit 0031ac73447baeb197fb2d80e5fba2470716e76d diff --git a/configs/config.ocp_deltalake_cbnt b/configs/config.ocp_deltalake_cbnt new file mode 100644 index 0000000000..4df1043709 --- /dev/null +++ b/configs/config.ocp_deltalake_cbnt @@ -0,0 +1,8 @@ +CONFIG_VENDOR_OCP=y +CONFIG_INTEL_TXT_BIOSACM_FILE="3rdparty/intel-sec-tools/testdata/fake_acm/biosacm_cbnt_fake.bin" +CONFIG_INTEL_TXT_LOGGING=y +CONFIG_INTEL_CBNT_SUPPORT=y +# CONFIG_INTEL_CBNT_CBNT_PROV_KM_USE_CFG_FILE is not set +# CONFIG_INTEL_CBNT_CBNT_PROV_BPM_USE_CFG_FILE is not set +CONFIG_INTEL_CBNT_KM_PRIV_KEY_FILE="3rdparty/intel-sec-tools/testdata/testkeys/km_priv_key.pem" +CONFIG_INTEL_CBNT_BPM_PRIV_KEY_FILE="3rdparty/intel-sec-tools/testdata/testkeys/bpm_priv_key.pem" diff --git a/util/testing/Makefile.inc b/util/testing/Makefile.inc index 0d1053a72f..a390654045 100644 --- a/util/testing/Makefile.inc +++ b/util/testing/Makefile.inc @@ -85,6 +85,7 @@ ifneq ($(JENKINS_SKIP_LINT_TESTS),y) util/lint/lint lint-stable --junit util/lint/lint lint-extended --junit endif + cd 3rdparty/intel-sec-tools/ ; go mod vendor util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/chromeos $(ABUILD_OPTIONS) -x -X $(top)/abuild-chromeos.xml util/abuild/abuild -o $(COREBOOT_BUILD_DIR)/default $(ABUILD_OPTIONS) $(foreach tool, $(TOOLLIST), $(MAKE) CPUS=$(CPUS) V=$(V) Q=$(Q) BLD_DIR="util/$(tool)" BLD="$(tool)" MFLAGS= MAKEFLAGS= MAKETARGET= junit.xml; )