Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xtest regression 4007_ecc and 4011 leave generated keys behind #652

Closed
mwasilew opened this issue Feb 22, 2023 · 6 comments
Closed

xtest regression 4007_ecc and 4011 leave generated keys behind #652

mwasilew opened this issue Feb 22, 2023 · 6 comments
Labels
Stale

Comments

@mwasilew
Copy link

When running regression 4007_ecc and regression 4011 with SE050 xtest creates key pairs in the element. These are left behind after the tests complete. After running a few iterations of xtest SE050 runs out of space for creating new keys. IMHO each test should delete the temporary objects once they're no longer used.
@jforissier
Copy link
Contributor

Agreed.

@mwasilew
Copy link
Author

Is there an easy way to fix it? I'm not very familiar with xtest code but I think the missing bit is ta_crypt_cmd_free_transient_object

@mwasilew
Copy link
Author

mwasilew commented Mar 7, 2023

@jforissier I tried to fix the issue, but my knowledge of op-tee is very limited. The key pairs are generated on the se050 when tests call TEE_GenerateKey. This is the case in both tests (4007_ecc and 4011). I think all tests that call ta_crypt_cmd_generate_key will suffer from this issue. I re-ran my tests with level 1. This enables RSA key pair generation in test 4007 and it left 4 more key pairs in the se050. Could you tell me if there is an op-tee method for removing the key pairs from se050 that I can use? I searched the API and nothing stands out.

@jforissier
Copy link
Contributor

I don't have an answer but I believe @ldts can help.

@ldts
Copy link
Contributor

ldts commented Mar 7, 2023

yes, it is borken with the regression xtests (not with the pkcs11 ones) : see OP-TEE/optee_os#5086

I suggest using some tool like https://github.com/foundriesio/fio-se05x-cli to clear the device nvm until we have a proposal to the issue above..

mwasilew added a commit to mwasilew/test-definitions that referenced this issue Mar 7, 2023
@mwasilew
automated: linux: add se05x reset after running xtest
5fe3238 
When running xtest on the device with secure element (SE050) some tests
generate objects in the element. These objects are not deleted by the
tests:
OP-TEE/optee_test#652
In the long run secure element runs out of space and all tests start
failing with strange errors. To mitigate this the script will call reset
method on SE050 after all tests are completed. This should at least fix
the problem of residual objects.

Signed-off-by: Milosz Wasilewski <milosz.wasilewski@foundries.io>
@mwasilew mwasilew mentioned this issue Mar 7, 2023
Merged
mwasilew added a commit to mwasilew/test-definitions that referenced this issue Mar 7, 2023
@mwasilew
automated: linux: add se05x reset after running xtest
8fef609 
When running xtest on the device with secure element (SE050) some tests
generate objects in the element. These objects are not deleted by the
tests:
OP-TEE/optee_test#652
In the long run secure element runs out of space and all tests start
failing with strange errors. To mitigate this the script will call reset
method on SE050 after all tests are completed. This should at least fix
the problem of residual objects.

Signed-off-by: Milosz Wasilewski <milosz.wasilewski@foundries.io>
mwasilew added a commit to mwasilew/test-definitions that referenced this issue Mar 20, 2023
@mwasilew
automated: linux: add se05x reset after running xtest
821eeb6 
When running xtest on the device with secure element (SE050) some tests
generate objects in the element. These objects are not deleted by the
tests:
OP-TEE/optee_test#652
In the long run secure element runs out of space and all tests start
failing with strange errors. To mitigate this the script will call reset
method on SE050 after all tests are completed. This should at least fix
the problem of residual objects.

Signed-off-by: Milosz Wasilewski <milosz.wasilewski@foundries.io>
roxell pushed a commit to Linaro/test-definitions that referenced this issue Mar 24, 2023
@mwasilew @roxell
automated: linux: add se05x reset after running xtest
ffbe281 
When running xtest on the device with secure element (SE050) some tests
generate objects in the element. These objects are not deleted by the
tests:
OP-TEE/optee_test#652
In the long run secure element runs out of space and all tests start
failing with strange errors. To mitigate this the script will call reset
method on SE050 after all tests are completed. This should at least fix
the problem of residual objects.

Signed-off-by: Milosz Wasilewski <milosz.wasilewski@foundries.io>
@github-actions
Copy link

github-actions bot commented Apr 7, 2023

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note that you can always re-open a closed issue at any time.

@github-actions github-actions bot added the Stale label Apr 7, 2023
@jforissier jforissier mentioned this issue Jun 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mwasilew @jforissier @ldts