firmware_LockedME: Using md5sum to check ME Lock function
Original using verify function of flashrom to check ME Lock, but
the new flashrom will don't verify fail in try_to_rewrite function.
So this change will check ME Lock from flashrom to md5sum.
BUG=b:132922417
TEST=test_that -b sarien <DUT IP> f:.*firmware_LockedME/control
The FW which ME is locked can get PASS
The FW which ME is unlocked can get FAIL
Change-Id: I9df77467453001122c46ba4ed69476d6b73a3b08
Signed-off-by: Chris Zhou <chris_zhou@compal.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/1626208
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Wai-Hong Tam <waihong@google.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
(cherry picked from commit 9577b33a00255a62cd594c9387d04733d348fa72)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/autotest/+/1663925
Tested-by: Caveh Jalali <caveh@google.com>
Reviewed-by: Matthew Blecker <matthewb@chromium.org>
Commit-Queue: Caveh Jalali <caveh@google.com>
diff --git a/client/site_tests/firmware_LockedME/firmware_LockedME.py b/client/site_tests/firmware_LockedME/firmware_LockedME.py
index 484139d..4f88d07 100644
--- a/client/site_tests/firmware_LockedME/firmware_LockedME.py
+++ b/client/site_tests/firmware_LockedME/firmware_LockedME.py
@@ -9,9 +9,6 @@
from autotest_lib.client.bin import test, utils
from autotest_lib.client.common_lib import error
-FLASHROM_ACCESS_FAILED_TOKEN = ('Could not fully verify due to access error, '
- 'ignoring')
-
class firmware_LockedME(test.test):
# Needed by autotest
@@ -20,6 +17,8 @@
# Temporary file to read BIOS image into. We run in a tempdir anyway, so it
# doesn't need a path.
BIOS_FILE = 'bios.bin'
+ RANDOM_FILE = 'newdata'
+ FLASHED_FILE = 'flasheddata'
def flashrom(self, ignore_status=False, args=()):
"""Run flashrom, expect it to work. Fail if it doesn't"""
@@ -38,6 +37,15 @@
else:
return True
+ def md5sum(self, filename):
+ """Run md5sum on a file
+
+ @param filename: Filename to sum
+ @return: md5sum of the file as a 32-character hex string
+ """
+ r = utils.run('md5sum', ignore_status=False, args=[filename])
+ return r.stdout.split()[0]
+
def has_ME(self):
"""See if we can detect an ME.
FREG* is printed only when HSFS_FDV is set, which means the descriptor
@@ -53,14 +61,17 @@
"""If we can modify the ME section, restore it and raise an error."""
logging.info('Try to write section %s...', sectname)
size = os.stat(sectname).st_size
- utils.run('dd', args=('if=/dev/urandom', 'of=newdata',
+ utils.run('dd', args=('if=/dev/urandom', 'of=%s' % (self.RANDOM_FILE),
'count=1', 'bs=%d' % (size)))
- r = self.flashrom(args=('-V', '-w', self.BIOS_FILE,
- '-i' , '%s:newdata' % (sectname),
- '--fast-verify'),
- ignore_status=True)
- if (not r.exit_status and
- FLASHROM_ACCESS_FAILED_TOKEN not in r.stdout):
+ self.flashrom(args=('-V', '-w', self.BIOS_FILE,
+ '-i' , '%s:%s' % (sectname, self.RANDOM_FILE),
+ '--fast-verify'),
+ ignore_status=True)
+ self.flashrom(args=('-r',
+ '-i', '%s:%s' % (sectname, self.FLASHED_FILE)))
+ md5sum_random = self.md5sum(filename=self.RANDOM_FILE)
+ md5sum_flashed = self.md5sum(filename=self.FLASHED_FILE)
+ if md5sum_random == md5sum_flashed:
logging.info('Oops, it worked! Put it back...')
self.flashrom(args=('-w', self.BIOS_FILE,
'-i', '%s:%s' % (sectname, sectname),