Add manual test of SabreLite secure boot
This test ensures:
- U-Boot is compiled with HAB and FIT support
- SRK hash is fused and U-Boot is signed ('hab_status' call)
- U-Boot is able to verify signed OS image in FIT format
- U-Boot hangs in case if we try to boot with unsigned binary
Unfortunately the DUT in "open" mode assume any signature as valid, hence it is not possible to check the boot hang for FIT image signed with incorrect key -- the HW return 'success' while checking signature.
If the system is in 'closed' state then it is able to use incorrect signature for the image, for example taken from document "High Assurance Boot (HAB) for dummies" by Boundary Devises: https://boundarydevices.com/high-assurance-boot-hab-dummies/
To check if the system is in "closed" state: => fuse read 0 6 Reading bank 0:
Word 0x00000006: 00000012
the last digit must be "2".
Signed-off-by: Denis Pynkin denis.pynkin@collabora.com Signed-off-by: Emanuele Aina emanuele.aina@collabora.com