diff --git a/.github/workflows/test-system.yml b/.github/workflows/test-system.yml index 43a8650cd..d0d312af3 100644 --- a/.github/workflows/test-system.yml +++ b/.github/workflows/test-system.yml @@ -9,12 +9,15 @@ jobs: strategy: fail-fast: false matrix: - platform: [generic, mpfs, cva6] + platform: [generic, mpfs, cva6, hifive_unmatched] bits: [32, 64] exclude: # mpfs is not 32 bit - platform: mpfs bits: 32 + # unmatched is not 32 bit + - platform: hifive_unmatched + bits: 32 # ignore 32-bit cva6 for now - platform: cva6 bits: 32 diff --git a/Makefile b/Makefile index 6bbbfed94..0429b63aa 100644 --- a/Makefile +++ b/Makefile @@ -123,3 +123,23 @@ linux-configure: $(BUILDROOT_BUILDDIR)/.config -include mkutils/plat/$(KEYSTONE_PLATFORM)/run.mk +PORT_ARGS := +ifneq ($(KEYSTONE_PORT),) + PORT_ARGS += -p $(KEYSTONE_PORT) +endif + +IP_ARGS := +ifeq ($(KEYSTONE_IP),) + IP_ARGS += localhost +else + IP_ARGS += $(KEYSTONE_IP) +endif + +CALL_LOGFILE ?= $(shell mktemp) +call: + $(call log,info,Calling command) + ssh -i $(BUILDROOT_BUILDDIR)/target/root/.ssh/id-rsa \ + -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ + -o ConnectTimeout=5 \ + $(PORT_ARGS) root@$(IP_ARGS) $(KEYSTONE_COMMAND) 2>&1 | \ + grep -v "Warning: Permanently added" | tee -a $(CALL_LOGFILE) diff --git a/mkutils/plat/cva6/run.mk b/mkutils/plat/cva6/run.mk index cae910f80..fdfa394d9 100644 --- a/mkutils/plat/cva6/run.mk +++ b/mkutils/plat/cva6/run.mk 
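Review bot: When `KEYSTONE_IP` is empty the new `call` recipe falls back to `root@localhost`, and as far as these hunks show only generic/run.mk gives `KEYSTONE_PORT` a default. On a hardware platform a forgotten `KEYSTONE_IP` therefore sends `$(KEYSTONE_COMMAND)` to the build host's own sshd as root instead of failing, which the removed cva6 and mpfs recipes did not do. ssh may also offer agent or default identities in addition to the `-i` key, so that login can succeed on a developer workstation. Adding `-o IdentitiesOnly=yes` to the ssh options and making the first recipe line `$(if $(KEYSTONE_IP)$(KEYSTONE_PORT),,$(error KEYSTONE_IP or KEYSTONE_PORT must be set for 'call'))` would keep the QEMU default and reject the unconfigured case.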
@@ -19,14 +19,6 @@ flash: $(SD_DEVICE) dd if=$(PAYLOAD) of=$(SDDEVICE_PART1) status=progress oflag=sync bs=1M dd if=$(KERNEL) of=$(SDDEVICE_PART2) status=progress oflag=sync bs=1M -CALL_LOGFILE ?= $(shell mktemp) -call: - $(call log,info,Calling command on the CVA6 board) - ssh -i $(BUILDROOT_BUILDDIR)/target/root/.ssh/id-rsa \ - -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ - root@$(KEYSTONE_IP) $(KEYSTONE_COMMAND) 2>&1 | \ - grep -v "Warning: Permanently added" | tee -a $(CALL_LOGFILE) - debug-connect: $(call log,info,Connecting to OpenOCD) $(BUILDROOT_BUILDDIR)/host/bin/riscv64-buildroot-linux-gnu-gdb \ diff --git a/mkutils/plat/generic/run.mk b/mkutils/plat/generic/run.mk index f1c113f58..8d51859ea 100644 --- a/mkutils/plat/generic/run.mk +++ b/mkutils/plat/generic/run.mk @@ -2,8 +2,8 @@ ## QEMU run targets ## ###################### -QEMU_PORT ?= 9821 -QEMU_DBG_PORT ?= $(shell echo $$(( $(QEMU_PORT) + 1)) ) +KEYSTONE_PORT ?= 9821 +QEMU_DBG_PORT ?= $(shell echo $$(( $(KEYSTONE_PORT) + 1)) ) QEMU_DEBUG := -gdb tcp::$(QEMU_DBG_PORT) -S QEMU_MEM ?= 2G @@ -17,7 +17,7 @@ QEMU_FLAGS := -m $(QEMU_MEM) -smp $(QEMU_SMP) -nographic \ -drive file=$(BUILDROOT_BUILDDIR)/images/rootfs.ext2,format=raw,id=hd0 \ -device virtio-blk-device,drive=hd0 \ -append "console=ttyS0 ro root=/dev/vda" \ - -netdev user,id=net0,net=192.168.100.1/24,dhcpstart=192.168.100.128,hostfwd=tcp::$(QEMU_PORT)-:22 \ + -netdev user,id=net0,net=192.168.100.1/24,dhcpstart=192.168.100.128,hostfwd=tcp::$(KEYSTONE_PORT)-:22 \ -device virtio-net-device,netdev=net0 \ -device virtio-rng-pci \ 
@@ -29,15 +29,6 @@ run: $(call log,info,Starting QEMU) $(BUILDROOT_BUILDDIR)/host/bin/qemu-system-riscv$(KEYSTONE_BITS) $(QEMU_FLAGS) -CALL_LOGFILE ?= $(shell mktemp) -call: - $(call log,info,Calling command in QEMU) - ssh -i $(BUILDROOT_BUILDDIR)/target/root/.ssh/id-rsa \ - -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ - -o ConnectTimeout=5 \ - -p $(QEMU_PORT) root@localhost $(KEYSTONE_COMMAND) 2>&1 | \ - grep -v "Warning: Permanently added" | tee -a $(CALL_LOGFILE) - debug-connect: $(call log,info,Connecting to QEMU) $(BUILDROOT_BUILDDIR)/host/bin/riscv$(KEYSTONE_BITS)-buildroot-linux-gnu-gdb \ diff --git a/mkutils/plat/unmatched/run.mk b/mkutils/plat/hifive_unmatched/run.mk similarity index 99% rename from mkutils/plat/unmatched/run.mk rename to mkutils/plat/hifive_unmatched/run.mk index cd0a40653..02fbf4cf1 100644 --- a/mkutils/plat/unmatched/run.mk +++ b/mkutils/plat/hifive_unmatched/run.mk @@ -22,4 +22,3 @@ ifeq ($(EXTEND),1) endif endif - diff --git a/mkutils/plat/mpfs/run.mk b/mkutils/plat/mpfs/run.mk index e2162950d..0674a3491 100644 --- a/mkutils/plat/mpfs/run.mk +++ b/mkutils/plat/mpfs/run.mk @@ -18,14 +18,6 @@ run: $(call log,info,Starting OpenOCD) $(SC_INSTALL_DIR)/openocd/bin/openocd $(OPENOCD_FLAGS) -CALL_LOGFILE ?= $(shell mktemp) -call: - $(call log,info,Calling command on the MPFS board) - ssh -i $(BUILDROOT_BUILDDIR)/target/root/.ssh/id-rsa \ - -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ - root@$(KEYSTONE_IP) $(KEYSTONE_COMMAND) 2>&1 | \ - grep -v "Warning: Permanently added" | tee -a $(CALL_LOGFILE) - debug-connect: $(call log,info,Connecting to OpenOCD) PYTHONPATH=$(BUILDROOT_BUILDDIR)/build/host-gcc-final-11.4.0/libstdc++-v3/python \ diff --git a/scripts/ci/configs/global.sh b/scripts/ci/configs/global.sh index eb253ac8a..53a705479 100644 --- a/scripts/ci/configs/global.sh +++ b/scripts/ci/configs/global.sh 
@@ -11,3 +11,6 @@ export TTY_IDPRODUCT_mpfs="ea71" export TTY_IDVENDOR_cva6="0403" export TTY_IDPRODUCT_cva6="6001" +# hifive_unmatched +export TTY_IDVENDOR_hifive_unmatched="0403" +export TTY_IDPRODUCT_hifive_unmatched="6010" diff --git a/scripts/ci/configs/track.sh b/scripts/ci/configs/track.sh index be4193f5d..eaf478ddf 100644 --- a/scripts/ci/configs/track.sh +++ b/scripts/ci/configs/track.sh @@ -5,6 +5,7 @@ export RELAY_SERIAL="AH02O23H" export RELAY_ID_global=1 export RELAY_ID_mpfs=8 export RELAY_ID_cva6=4 +export RELAY_ID_hifive_unmatched=5 # MPFS configuration @@ -20,3 +21,8 @@ export TFTP_DIR="/srv/tftp" export HOST_IP_cva6="10.42.1.1" export BOARD_IP_cva6="10.42.1.171" + +# Unmatched configuration + +export HOST_IP_hifive_unmatched="10.42.1.1" +export BOARD_IP_hifive_unmatched="10.42.1.27" diff --git a/scripts/ci/plat/hifive_unmatched/expected.log b/scripts/ci/plat/hifive_unmatched/expected.log new file mode 100644 index 000000000..ebb05b50b --- /dev/null +++ b/scripts/ci/plat/hifive_unmatched/expected.log @@ -0,0 +1,17 @@ +Verifying archive integrity... MD5 checksums are OK. All good. +Uncompressing Keystone Enclave Package +testing test-stack +testing test-loop +testing test-malloc +testing test-long-nop +testing test-fibonacci +testing test-fib-bench +testing test-attestation +Attestation report SIGNATURE is valid +testing test-untrusted +Enclave said: hello world! +Enclave said: 2nd hello world! +Enclave said value: 13 +Enclave said value: 20 +testing test-data-sealing +Enclave said: Sealing key derivation successful! diff --git a/scripts/ci/plat/hifive_unmatched/flash-os.sh b/scripts/ci/plat/hifive_unmatched/flash-os.sh new file mode 100755 index 000000000..8d4a60082 --- /dev/null +++ b/scripts/ci/plat/hifive_unmatched/flash-os.sh 
@@ -0,0 +1,43 @@
+#!/bin/bash
+set -e
+
+# Source global test configuration file
+. scripts/ci/test-setup.sh
+
+OS_FILENAME="build-hifive_unmatched64/buildroot.build/images/sdcard.img"
+get_platform_var HOST_IP
+get_platform_var BOARD_IP
+
+###########
+## Flash ##
+###########
+set -x
+
+TTYDEV=$(find_tty 1)
+touch "$LOGFILE"
+start_record_tty "$TTYDEV" 115200 "$LOGFILE" hfu-tty
+
+power_on_btn
+wait_for "Hit any key to stop autoboot"
+echo 'a' > "$TTYDEV"
+
+rm -rf "$TFTP_DIR/sdcard.img"
+cp "$OS_FILENAME" "$TFTP_DIR/sdcard.img"
+
+# Configure TFTP
+echo "setenv serverip $HOST_IP" > "$TTYDEV" ; sleep 1
+echo "setenv ipaddr $BOARD_IP" > "$TTYDEV" ; sleep 1
+
+echo "tftp sdcard.img" > "$TTYDEV"
+wait_for "=>"
+echo "mmc write 80210000 0 100000" > "$TTYDEV"
+wait_for "=>"
+
+stop_record_tty hfu-tty
+power_off_btn
+
+# For some reason, the UART for this board does not like
+# being closed and then opened again quickly. This leads to
+# test failures later on, so we delay a bit extra.
+sleep 5
+exit 0
diff --git a/scripts/ci/plat/hifive_unmatched/test.sh b/scripts/ci/plat/hifive_unmatched/test.sh
new file mode 100755
index 000000000..b4e6cb65f
--- /dev/null
+++ b/scripts/ci/plat/hifive_unmatched/test.sh
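Review bot: Nothing between `tftp sdcard.img` and `mmc write 80210000 0 100000` confirms that the download succeeded. `wait_for "=>"` only waits for the U-Boot prompt, which returns after a failed or timed-out transfer as well, and the script then ends with `exit 0`, so a failed TFTP would flash whatever is in RAM at 80210000 and still report success. Waiting on the success line instead, e.g. `wait_for "Bytes transferred"`, and giving the load address explicitly with `tftp 80210000 sdcard.img` so that it matches the `mmc write` source, would tie the flash step to this build's image. The block count is also fixed at 100000 regardless of the size of sdcard.img, which deserves a comment. How `wait_for` matches and whether it times out is defined in test-setup.sh, outside this hunk.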
@@ -0,0 +1,43 @@ +#!/bin/bash +set -e + +# Source global test configuration file +. scripts/ci/test-setup.sh + +if [[ -z "$CMD_LOGFILE" ]]; then + echo "CMD_LOGFILE undefined" + exit 1 +fi + +get_platform_var BOARD_IP + +############### +## Run tests ## +############### +set -x + +# Fix permissions on the key +chmod 600 "build-hifive_unmatched64/buildroot.build/target/root/.ssh/id-rsa" + +# Start the board +export KEYSTONE_PLATFORM="hifive_unmatched" +export KEYSTONE_IP="$BOARD_IP" + +TTYDEV=$(find_tty 1) +start_record_tty "$TTYDEV" 115200 "$LOGFILE" hfu-tty +power_on_btn + +# TODO: check for connectivity instead of sleeping +sleep 60 + +export CALL_LOGFILE="$CMD_LOGFILE" +touch "$CALL_LOGFILE" + +KEYSTONE_COMMAND="modprobe keystone-driver" make call +KEYSTONE_COMMAND="/usr/share/keystone/examples/tests.ke" make call +# TODO: attestation does not yet work in unmatched +#KEYSTONE_COMMAND="/usr/share/keystone/examples/attestor.ke" make call + +power_off_btn +stop_record_tty hfu-tty +exit 0 diff --git a/scripts/ci/test-setup.sh b/scripts/ci/test-setup.sh index f2d19dfa3..df6e121b2 100755 --- a/scripts/ci/test-setup.sh +++ b/scripts/ci/test-setup.sh @@ -73,6 +73,16 @@ function power_off { ./scripts/ci/utils/relay_power.py "$RELAY_SERIAL" "$RELAY_ID" off } +function power_on_btn { + # Very temporarily close the power on circuit + power_on ; power_off +} + +function power_off_btn { + # Simulate holding the power button to force off + power_on ; sleep 3 ; power_off +} + # Serial functions get_platform_var TTY_IDVENDOR @@ -135,4 +145,14 @@ function wait_for { ############# # Make sure we turn off the boards if we die early -trap power_off EXIT +function final_shutdown { + if [[ $? -ne 0 ]]; then + if [[ "$KEYSTONE_PLATFORM" == "hifive_unmatched" ]]; then + power_off_btn + else + power_off + fi + fi +} + +trap final_shutdown EXIT
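Review bot: The two `make call` lines in test.sh cannot fail the script on a bad test result. The `call` recipe this commit adds to the Makefile pipes ssh through `grep -v` and `tee -a`, so its status is tee's unless the Makefile enables pipefail somewhere not shown, and the script then reaches `exit 0`. The verdict therefore presumably rests on a later comparison of `$CMD_LOGFILE` with expected.log, which is worth stating next to the calls, e.g. `# make call returns tee's status; pass/fail comes from comparing $CMD_LOGFILE with expected.log`. With the attestor.ke call commented out, that comparison would also be the only signal for a broken attestation path on this board.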
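Review bot: In test-setup.sh, `trap final_shutdown EXIT` drives the relay only when `$?` is non-zero, whereas the replaced `trap power_off EXIT` ran on every exit. Any platform script that relied on the trap to cut power after a clean run would now leave its board powered; the mpfs and cva6 scripts are not in this diff, so that needs checking. In the hifive_unmatched branch, `power_off_btn` (added in the previous hunk) is a timed button press rather than a level, so if the script dies before `power_on_btn` has run, the press may start the board instead of stopping it. That is inferred from the helper's comments and should be confirmed on hardware. Restricting the `$? -ne 0` test to the `hifive_unmatched` branch and calling `power_off` unconditionally in the `else` branch would keep the old guarantee for relay-powered boards.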