search

ARMmbed / mbed-os-tf-m-regression-tests

An Mbed OS application that runs the TF-M regression tests
2 stars 12 forks source link

Running Regression + PSA Compliance tests suite without ITS erased #43

Closed jainvikas8 closed 4 years ago

jainvikas8 commented 4 years ago

When using the Mbed OS + TF-M v1.1 for ARM_MUSCA_B1 or using test_psa_target.py we see some ITS test failures.

The way to reproduce is as follows: Step 1: Clear ITS area with pyocd pyocd erase --help ITS - 0xA1F0000 to 0xA1FC000 for ARM_MUSCA_B1 Step 2: Compile and run TF-M 1.1v regression tests. (PASSED) - Re-run, without re-flashing, it will still pass. Step 3: Compile and run PSA Compliance - ITS suite (failed for one test)

TEST: 402 | DESCRIPTION: Write once error check
 [Info] Executing tests from non-secure
 [Info] Executing ITS tests
 [Info] UID 1 was created with PSA_STORAGE_FLAG_WRITE_ONCE previously
 [Check 1] Retrieve metadata for UID 1 and check content
 Failed at Checkpoint: 10
 Actual: 36
 Expected: 4
 TEST RESULT: FAILED (Error Code=0x00000001)

The problem with this flow of execution is:

Now let's change the flow Step 1: Clear ITS area Step 2: Compile and run PSA Compliance - ITS suite (PASSED) -- Re-run, without re-flashing, it will still pass. Step 3: Compile and run TF-M 1.1v regression tests. (Number of failed tests: 8 of 19)

Running Test Suite PSA internal trusted storage NS interface tests (TFM_ITS_TEST_1XXX)...
 > Executing 'TFM_ITS_TEST_1001'
 Description: 'Set interface'
 Set should not fail with valid UID (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:33)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1004'
 Description: 'Set interface with write once UID'
 Write once data should not have changed (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:159)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1007'
 Description: 'Get interface with invalid UIDs'
 Get succeeded with non-existant UID (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:375)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1010'
 Description: 'Get info interface with write once UID'
 Size incorrect for write once UID (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:585)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1011'
 Description: 'Get info interface with valid UID'
 Set should not fail (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:613)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1013'
 Description: 'Remove interface with valid UID'
 Set should not fail (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:709)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1017'
 Description: 'Multiple partial gets'
 Set should not fail (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:861)
 TEST FAILED!
 > Executing 'TFM_ITS_TEST_1019'
 Description: 'Set, get and remove interface with different asset sizes'
 Set should not fail with valid UID (Failed at /mnt/c/Work/Workspace/tf-m/trusted-firmware-m/test/suites/its/its_tests_common.c:996)
 TEST FAILED!
 TESTSUITE FAILED!Number of failed tests: 8 of 19

The problem with this flow of execution is:

One may argue to run these test suites we need to start clean (erase ITS), but that reduces the lifetime of flash.

Questions:

Patater commented 4 years ago

This isn't a problem that can be solved by Mbed OS and its tests. TF-M and PSA Compliance tests will need to either be compatible with each other (and tested that they remain compatible with each other), or we need to erase between test runs. Until the tests are compatible with each other, which doesn't seem like anything valuable to do for either TF-M or PSA Compliance tests, we should erase between runs.

jainvikas8 commented 4 years ago

This isn't a problem that can be solved by Mbed OS and its tests. TF-M and PSA Compliance tests will need to either be compatible with each other (and tested that they remain compatible with each other), or we need to erase between test runs. Until the tests are compatible with each other, which doesn't seem like anything valuable to do for either TF-M or PSA Compliance tests, we should erase between runs.

This may involve further changes to scripts that build the target (PR for Mbed OS), but how do we differentiate whether its a test suite run or release? (User would not be happy if the release build erased it's previous ITS storage)

Patater commented 4 years ago

We should test what we release. If this involves using a physical target and erasing its flash, that's what it'll take.

We don't ship the regression test config binaries, though. We should probably invest some time in determining how best to test the release-config binaries. It's a bit annoying that TF-M regression tests can't be used with release binaries. This is a separate issue, though.