Skip to content

Commit 5d145f2

Browse files
committed
ci: drop wolfHSM from per-PR TZ tests; covered by nightly in wolfHSM
1 parent df94bbb commit 5d145f2

2 files changed

Lines changed: 6 additions & 38 deletions

File tree

.github/workflows/trustzone-emulator-tests.yml

Lines changed: 5 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -119,43 +119,11 @@ jobs:
119119
grep -q "\\[BKPT\\] imm=0x7f" /tmp/m33mu-fwtpm.log
120120
grep -q "\\[EXPECT BKPT\\] Success" /tmp/m33mu-fwtpm.log
121121
122-
- name: Clean and build test with wolfHSM (stm32h5)
123-
run: |
124-
make clean distclean
125-
cd port/stmicro/stm32h5-tz-wolfhsm
126-
make
127-
test -f out/wolfboot.bin
128-
test -f out/image_v1_signed.bin
129-
test -f out/manifest.env
130-
131-
- name: Prepare wolfHSM persistence directory
132-
run: |
133-
rm -rf /tmp/m33mu-wolfhsm-persist
134-
mkdir -p /tmp/m33mu-wolfhsm-persist
135-
136-
- name: Run wolfHSM whTest_ClientConfig (stm32h5)
137-
run: |
138-
cd /tmp/m33mu-wolfhsm-persist
139-
m33mu "$GITHUB_WORKSPACE/wolfboot.bin" \
140-
"$GITHUB_WORKSPACE/test-app/image_v1_signed.bin:0x60000" \
141-
--persist --uart-stdout --timeout 600 --expect-bkpt 0x7d \
142-
--quit-on-faults \
143-
| tee /tmp/m33mu-wolfhsm.log
144-
145-
- name: Verify wolfHSM whTest_ClientConfig (stm32h5)
146-
run: |
147-
# Final success marker - the test itself reports PASSED.
148-
grep -q "wolfHSM whTest_ClientConfig PASSED" /tmp/m33mu-wolfhsm.log
149-
# Spot-check that the major test phases each landed.
150-
grep -q "RNG DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
151-
grep -q "AES GCM DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
152-
grep -q "RSA SUCCESS" /tmp/m33mu-wolfhsm.log
153-
grep -q "ECC ephemeral ECDH SUCCESS" /tmp/m33mu-wolfhsm.log
154-
grep -q "SHA256 DEVID=0x5748534D SUCCESS" /tmp/m33mu-wolfhsm.log
155-
grep -q "HKDF SUCCESS" /tmp/m33mu-wolfhsm.log
156-
# App reached the success BKPT and m33mu trapped on it.
157-
grep -q "\\[BKPT\\] imm=0x7d" /tmp/m33mu-wolfhsm.log
158-
grep -q "\\[EXPECT BKPT\\] Success" /tmp/m33mu-wolfhsm.log
122+
# The wolfHSM STM32H5 TrustZone integration is exercised by the
123+
# nightly cross-repo job in wolfHSM
124+
# (.github/workflows/wolfboot-tz-integration.yml), which builds
125+
# this demo against the latest wolfHSM main and runs it under
126+
# m33mu. It is intentionally not gated on every wolfBoot PR.
159127

160128
- name: Clean and build test with DICE attestation + OTP (stm32h5)
161129
run: |

lib/wolfHSM

0 commit comments

Comments
 (0)