Stop cloud dl

.gitmodules

@@ -17,3 +17,6 @@
 [submodule "dcu"]
 	path = dcu
 	url = https://github.com/Dasharo/dcu.git
+[submodule "osfv-test-data"]
+	path = osfv-test-data
+	url = https://github.com/Dasharo/osfv-test-data.git

dasharo-compatibility/dasharo-tools-suite.robot

@@ -29,13 +29,7 @@ DTS001.001 Booting DTS from USB works correctly
     [Documentation]    This test aims to verify that DTS is properly booting
     ...    from USB.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    DTS001.001 not supported
-    # FIXME: Only supported on PiKVM based setups right now
-    Skip If    "${DUT_CONNECTION_METHOD}" != "pikvm"    DTS001.001 not supported
-    Skip    This test will fail. You cannot use SSH when using DTS via PiKVM, as it is read-only and SSH fails.
-    Download ISO And Mount As USB
-    ...    ${DL_CACHE_DIR}/dts-base-image-v1.2.8.iso
-    ...    ${DTS_URL}
-    ...    f42b59633dbcc16ecbd7c98a880c582c5235c22626d7204202c922f3a7fa231b
+    Mount USB Disk Image    ${TEST_DATA_DIR}/dts/dts-base-image-v2.1.3.wic
     Power On
     Boot Dasharo Tools Suite    USB
 

dasharo-compatibility/dcu.robot

@@ -73,7 +73,7 @@ DCU003.001 Change the bootsplash logo
     Skip If    not ${CUSTOM_LOGO_SUPPORT}    DCU003.001 not supported
 
     ${img_sum}=    Set Variable    f91fe017bef1f98ce292bde1c2c7c61edf7b51e9c96d25c33bfac90f50de4513
-    ${logo_path}=    Join Path    ${DL_CACHE_DIR}    logo.bmp
+    ${logo_path}=    Join Path    ${TEST_DATA_DIR}/dcu    logo.bmp
     DCU Logo Set In File    ${FW_COPY}    ${logo_path}
     Flash Firmware    ${FW_COPY}
     Make Sure New Firmware Is Booted After Flashing
@@ -116,11 +116,6 @@ DCU004.001 Verify SMMSTORE changes
 
 *** Keywords ***
 Prepare DCU Test Environment
-    Download To Host Cache
-    ...    logo.bmp
-    ...    https://cloud.3mdeb.com/index.php/s/rsjCdz4wSNesLio/download
-    ...    6e5a6722955e4f78d947654630f27ff833703fbc04776ffed963c96617f6bb2a
-
     Run    cp ${FW_FILE} ${FW_COPY}
     Run    chmod -R a+rw dcu
 

dasharo-compatibility/esp-scanning.robot

@@ -23,8 +23,6 @@ Suite Setup         Run Keywords
 ...                     AND
 ...                     Skip If    not ${ESP_SCANNING_SUPPORT}    ESP scanning tests not supported
 ...                     AND
-...                     Prepare Required Files For Qemu
-...                     AND
 ...                     Prepare EFI Partition With System Files
 Suite Teardown      Run Keywords
 ...                     Clear Out EFI Partition    AND
@@ -51,9 +49,7 @@ ESP003.001 ESP Scan ignores OSes on removable media
     ...    listed in boot menu, except for DTS.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    ESP003.001 not supported
     Power On
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/CorePlus-current.iso
-    ...    ${TINYCORE_URL}
-    ...    5c0c5c7c835070f0adcaeafad540252e9dd2935c02e57de6112fb92fb5d6f9c5
+    Mount USB Disk Image    ${TEST_DATA_DIR}/iso/TinyCore-15.0.iso    required=${FALSE}
     Power On
     ${boot_menu}=    Enter Boot Menu Tianocore And Return Construction
     Should Not Contain Match    ${boot_menu}    *CorePlus*
@@ -80,10 +76,7 @@ ESP005.001 ESP Scan detects Dasharo Tools Suite
     ...    menu entry.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    ESP005.001 not supported
     Power On
-    Download ISO And Mount As USB
-    ...    ${DL_CACHE_DIR}/dts-base-i${DL_CACHE_DIR}/mage-v1.2.8.iso
-    ...    ${DTS_URL}
-    ...    f42b59633dbcc16ecbd7c98a880c582c5235c22626d7204202c922f3a7fa231b
+    Mount USB Disk Image    ${TEST_DATA_DIR}/dts/dts-base-image-v2.1.3.wic
     Power On
     ${boot_menu}=    Enter Boot Menu Tianocore And Return Construction
     Should Contain Match    ${boot_menu}    Dasharo Tools Suite (on *

dasharo-compatibility/firmware-bulding-locally.robot

@@ -43,7 +43,7 @@ FLB002.001 Flash locally built firmware (Ubuntu)
     Power On
     Login To Linux
     Switch To Root User
-    Get Flashrom From Cloud
+    Get Flashrom
     Write Into Terminal    flashrom -p internal -w ../coreboot/build/coreboot.rom --ifd -i bios
     ${flash_result}=    Read From Terminal Until Prompt
     IF    "Warning: Chip content is identical to the requested image." in """${flash_result}"""

dasharo-compatibility/usb-hid-and-msc-support.robot

@@ -144,10 +144,9 @@ Prepare USB HID Test Suite
     ELSE
         Set Suite Variable    $HAS_KEYBOARD    ${FALSE}
     END
-    ${conf}=    Get Current CONFIG    ${CONFIG_LIST}
 
     IF    "${DUT_CONNECTION_METHOD}" == "pikvm"
-        Upload And Mount DTS Flash Iso
+        Mount USB Disk Image    ${TEST_DATA_DIR}/secure-boot/sb_test_data.img
     END
 
     # Assume for now that we always have USB storage attached. In fact, all of

dasharo-security/bios-lock.robot

@@ -37,7 +37,7 @@ BLS001.001 BIOS lock support (Ubuntu)
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Flashrom From Cloud
+    Get Flashrom
     ${out_flashrom}=    Execute Command In Terminal    flashrom -p internal
     ${pr0}=    Get Lines Matching Regexp    ${out_flashrom}    ^PR0: Warning: 0x.{8}-0x.{8} is read-only.$
     Should Not Be Empty    ${pr0}
@@ -52,7 +52,7 @@ BLS002.001 BIOS lock support deactivation (Ubuntu)
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Flashrom From Cloud
+    Get Flashrom
     ${out_flashrom}=    Execute Command In Terminal    flashrom -p internal
     ${pr0}=    Get Lines Matching Regexp    ${out_flashrom}    ^PR0: Warning: 0x.{8}-0x.{8} is read-only.$
     Should Be Empty    ${pr0}

dasharo-security/early-boot-dma-protection.robot

@@ -42,7 +42,7 @@ EDP001.001 Enable early Boot DMA Protection support
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Cbmem From Cloud
+    Get Cbmem
     ${cbmem_output}=    Execute Command In Terminal    cbmem -1 | grep --color=never DMA
     Should Contain    ${cbmem_output}    Successfully enabled VT-d PMR DMA protection
 
@@ -61,6 +61,6 @@ EDP002.001 Disable early Boot DMA Protection support
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Cbmem From Cloud
+    Get Cbmem
     ${cbmem_output}=    Execute Command In Terminal    cbmem -1 | grep --color=never DMA
     Should Not Contain    ${cbmem_output}    Successfully enabled VT-d PMR DMA protection

dasharo-security/secure-boot.robot

@@ -25,6 +25,8 @@ Suite Setup         Run Keywords
 ...                     AND
 ...                     Skip If    not ${SECURE_BOOT_SUPPORT}    Secure Boot is not supported
 ...                     AND
+...                     Mount USB Disk Image    ${TEST_DATA_DIR}/secure-boot/sb_test_data.img
+...                     AND
 ...                     Restore Secure Boot Defaults
 Suite Teardown      Run Keywords
 ...                     Run Keyword If    ${SECURE_BOOT_SUPPORT} and ${TESTS_IN_FIRMWARE_SUPPORT}    Set Secure Boot State To Disabled
@@ -131,7 +133,6 @@ SBO003.001 Attempt to boot file with the correct key from Shell (firmware)
     ...    a signed file with a correct key.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    SBO003.001 not supported
     Skip If    not ${TESTS_IN_UBUNTU_SUPPORT}    SBO003.001 not supported
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/${GOOD_KEYS_NAME}    ${GOOD_KEYS_URL}    ${GOOD_KEYS_SHA256}
     Power On
     ${sb_menu}=    Enter Secure Boot Menu And Return Construction
     Enable Secure Boot    ${sb_menu}
@@ -141,22 +142,21 @@ SBO003.001 Attempt to boot file with the correct key from Shell (firmware)
     ${sb_menu}=    Get Secure Boot Menu Construction
     ${advanced_menu}=    Enter Advanced Secure Boot Keys Management And Return Construction    ${sb_menu}
     Enter Enroll DB Signature Using File In DB Options    ${advanced_menu}
-    Enter Volume In File Explorer    GOOD_KEYS
-    Select File In File Explorer    DB.cer
+    Enter Volume In File Explorer    SB_TEST
+    Select File In File Explorer    good_keys_DB.cer
     # Save Changes And Reset
     # Changes to Secure Boot menu take action immediately, so we can just reset
     Tianocore Reset System
 
     Enter UEFI Shell
-    ${out}=    Execute File In UEFI Shell    hello-valid-keys.efi
+    ${out}=    Execute File In UEFI Shell    good_keys_hello.efi
     Should Contain    ${out}    Hello, world!
 
 SBO004.001 Attempt to boot file without the key from Shell (firmware)
     [Documentation]    This test verifies that Secure Boot blocks booting a file
     ...    without a key.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    SBO004.001 not supported
     Skip If    not ${TESTS_IN_UBUNTU_SUPPORT}    SBO004.001 not supported
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/${NOT_SIGNED_NAME}    ${NOT_SIGNED_URL}    ${NOT_SIGNED_SHA256}
     # 1. Make sure that SB is enabled
     Power On
     ${sb_menu}=    Enter Secure Boot Menu And Return Construction
@@ -165,15 +165,14 @@ SBO004.001 Attempt to boot file without the key from Shell (firmware)
     # Changes to Secure Boot menu takes action immediately, so we can just reset
     Tianocore Reset System
     Enter UEFI Shell
-    ${out}=    Execute File In UEFI Shell    hello.efi
+    ${out}=    Execute File In UEFI Shell    not_signed_hello.efi
     Should Contain    ${out}    Access Denied
 
 SBO005.001 Attempt to boot file with the wrong-signed key from Shell (firmware)
     [Documentation]    This test verifies that Secure Boot disallows booting
     ...    a signed file with a wrong-signed key.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    SBO005.001 not supported
     Skip If    not ${TESTS_IN_UBUNTU_SUPPORT}    SBO005.001 not supported
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/${BAD_KEYS_NAME}    ${BAD_KEYS_URL}    ${BAD_KEYS_SHA256}
     # 1. Make sure that SB is enabled
     Power On
     ${sb_menu}=    Enter Secure Boot Menu And Return Construction
@@ -182,7 +181,7 @@ SBO005.001 Attempt to boot file with the wrong-signed key from Shell (firmware)
     # Changes to Secure Boot menu takes action immediately, so we can just reset
     Tianocore Reset System
     Enter UEFI Shell
-    ${out}=    Execute File In UEFI Shell    hello-bad-keys.efi
+    ${out}=    Execute File In UEFI Shell    bad_keys_hello.efi
     Should Contain    ${out}    Access Denied
 
 SBO006.001 Reset Secure Boot Keys option availability (firmware)
@@ -206,7 +205,6 @@ SBO007.001 Attempt to boot the file after restoring keys to default (firmware)
     ...    removes any custom added certificates.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    SBO007.001 not supported
     Skip If    not ${TESTS_IN_UBUNTU_SUPPORT}    SBO007.001 not supported
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/${GOOD_KEYS_NAME}    ${GOOD_KEYS_URL}    ${GOOD_KEYS_SHA256}
     Power On
     ${sb_menu}=    Enter Secure Boot Menu And Return Construction
     Enable Secure Boot    ${sb_menu}
@@ -217,14 +215,14 @@ SBO007.001 Attempt to boot the file after restoring keys to default (firmware)
     ${sb_menu}=    Get Secure Boot Menu Construction
     ${advanced_menu}=    Enter Advanced Secure Boot Keys Management And Return Construction    ${sb_menu}
     Enter Enroll DB Signature Using File In DB Options    ${advanced_menu}
-    Enter Volume In File Explorer    GOOD_KEYS
-    Select File In File Explorer    DB.cer
+    Enter Volume In File Explorer    SB_TEST
+    Select File In File Explorer    good_keys_DB.cer
     # Save Changes And Reset
     # Changes to Secure Boot menu take action immediately, so we can just reset
     Tianocore Reset System
 
     Enter UEFI Shell
-    ${out}=    Execute File In UEFI Shell    hello-valid-keys.efi
+    ${out}=    Execute File In UEFI Shell    good_keys_hello.efi
     Should Contain    ${out}    Hello, world!
 
     Power On
@@ -236,15 +234,14 @@ SBO007.001 Attempt to boot the file after restoring keys to default (firmware)
     Tianocore Reset System
 
     Enter UEFI Shell
-    ${out}=    Execute File In UEFI Shell    hello-valid-keys.efi
+    ${out}=    Execute File In UEFI Shell    good_keys_hello.efi
     Should Contain    ${out}    Access Denied
 
 SBO008.001 Attempt to enroll the key in the incorrect format (firmware)
     [Documentation]    This test verifies that it is impossible to load
     ...    a certificate in the wrong file format.
     Skip If    not ${TESTS_IN_FIRMWARE_SUPPORT}    SBO008.001 not supported
     Skip If    not ${TESTS_IN_UBUNTU_SUPPORT}    SBO008.001 not supported
-    Download ISO And Mount As USB    ${DL_CACHE_DIR}/${BAD_FORMAT_NAME}    ${BAD_FORMAT_URL}    ${BAD_FORMAT_SHA256}
     # 1. Make sure that SB is enabled
     Power On
     ${sb_menu}=    Enter Secure Boot Menu And Return Construction
@@ -254,8 +251,8 @@ SBO008.001 Attempt to enroll the key in the incorrect format (firmware)
     ${sb_menu}=    Get Secure Boot Menu Construction
     ${advanced_menu}=    Enter Advanced Secure Boot Keys Management And Return Construction    ${sb_menu}
     Enter Enroll DB Signature Using File In DB Options    ${advanced_menu}
-    Enter Volume In File Explorer    BAD_FORMAT
-    Select File In File Explorer    DB.txt
+    Enter Volume In File Explorer    SB_TEST
+    Select File In File Explorer    bad_format_DB.txt
     Read From Terminal Until    ERROR: Unsupported file type!
 
 
@@ -266,23 +263,3 @@ Set Secure Boot State To Disabled
     Disable Secure Boot    ${sb_menu}
     # Changes to Secure Boot menu take action immediately, so we can just reset
     Tianocore Reset System
-
-Prepare Test Files
-    IF    "${MANUFACTURER}" == "QEMU"
-        Download To Host Cache
-        ...    ${GOOD_KEYS_NAME}
-        ...    ${GOOD_KEYS_URL}
-        ...    ${GOOD_KEYS_SHA256}
-        Download To Host Cache
-        ...    ${NOT_SIGNED_NAME}
-        ...    ${NOT_SIGNED_URL}
-        ...    ${NOT_SIGNED_SHA256}
-        Download To Host Cache
-        ...    ${BAD_KEYS_NAME}
-        ...    ${BAD_KEYS_URL}
-        ...    ${BAD_KEYS_SHA256}
-        Download To Host Cache
-        ...    ${BAD_FORMAT_NAME}
-        ...    ${BAD_FORMAT_URL}
-        ...    ${BAD_FORMAT_SHA256}
-    END

dasharo-security/tpm-support.robot

@@ -33,7 +33,7 @@ TPM001.001 TPM Support (firmware)
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Cbmem From Cloud
+    Get Cbmem
     ${out}=    Execute Command In Terminal    cbmem -L
     Should Contain Any    ${out}    TPM2 log    TCPA log
 
@@ -69,7 +69,7 @@ TPM002.001 Verify TPM version (firmware)
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Cbmem From Cloud
+    Get Cbmem
     ${out}=    Execute Command In Terminal    cbmem -L
     Should Contain Any    ${out}    TPM2 log    TCPA log
 
@@ -104,7 +104,7 @@ TPM003.001 Check TPM Physical Presence Interface (firmware)
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Cbmem From Cloud
+    Get Cbmem
     ${out}=    Execute Command In Terminal    cbmem -1 | grep PPI
     Should Contain    ${out}    PPI: Pending OS request
     Should Contain    ${out}    PPI: OS response

dasharo-security/verified-boot.robot

@@ -266,7 +266,7 @@ Prepare Tools, Keys And Binaries
     Boot System Or From Connected Disk    ubuntu
     Login To Linux
     Switch To Root User
-    Get Coreboot Tools From Cloud
+    Get Coreboot Tools
     Install Docker Packages
     Generate Verified Boot Keys
     Resign Existing Firmware Image With Generated Keys

dasharo-stability/capsule-update.robot

@@ -428,12 +428,7 @@ Prepare For Logo Persistence Test
     Run    cp ${FW_FILE} dcu/coreboot.rom
 
     IF    ${CUSTOM_LOGO_SUPPORT} == ${TRUE}
-        Download To Host Cache
-        ...    logo.bmp
-        ...    https://cloud.3mdeb.com/index.php/s/rsjCdz4wSNesLio/download
-        ...    6e5a6722955e4f78d947654630f27ff833703fbc04776ffed963c96617f6bb2a
-        ${local_path}=    Join Path    ${DL_CACHE_DIR}    logo.bmp
-        Run    cp ${local_path} dcu/logo.bmp
+        Run    cp ${TEST_DATA_DIR}/dcu/logo.bmp
         ${result}=    Run Process    bash    -c    cd ./dcu; ./dcuc logo ./coreboot.rom -l ./logo.bmp
         Log    ${result.stdout}
         Log    ${result.stderr}

keywords.robot

@@ -7,7 +7,6 @@ Resource        lib/usb-hid-msc-lib.robot
 Resource        lib/dts-lib.robot
 Resource        lib/terminal.robot
 Resource        lib/esp-scanning-lib.robot
-Resource        lib/dl-cache.robot
 Resource        lib/dmidecode-lib.robot
 Resource        lib/docks.robot
 Resource        lib/flash.robot
@@ -1326,39 +1325,39 @@ Refresh Serial Screen In BIOS Editable Settings Menu
     Press Key N Times    1    ${F10}
     Press Key N Times    1    ${ESC}
 
-Get Coreboot Tools From Cloud
-    [Documentation]    Downloads required coreboot tools from cloud
-    Get Cbmem From Cloud
-    Get Flashrom From Cloud
-    Get Cbfstool From Cloud
+Get Coreboot Tools
+    [Documentation]    Set up required coreboot tools
+    Get Cbmem
+    Get Flashrom
+    Get Cbfstool
 
-Get Cbmem From Cloud
-    [Documentation]    Download cbmem from the cloud.
+Get Cbmem
+    [Documentation]    Set up cbmem on DUT.
     ${cbmem_path}=    Set Variable    /usr/local/bin/cbmem
     ${out_sha256sum}=    Execute Command In Terminal    sha256sum ${cbmem_path}
     ${sha256}=    Set Variable    ${out_sha256sum.split()}[0]
     IF    '${sha256}' != '169c5a5a63699cb37cf08d1eff83e59f146ffa98cf283145f27adecc081ac3f6'
-        Download File    https://cloud.3mdeb.com/index.php/s/C6LJMi4bWz3wzR9/download    ${cbmem_path}
+        Send File To DUT    ${TEST_DATA_DIR}/coreboot-tools/cbmem    ${cbmem_path}
         Execute Command In Terminal    chmod 777 ${cbmem_path}
     END
 
-Get Flashrom From Cloud
-    [Documentation]    Download flashrom from the cloud.
+Get Flashrom
+    [Documentation]    Set up flashrom on DUT.
     ${flashrom_path}=    Set Variable    /usr/local/bin/flashrom
     ${out_sha256sum}=    Execute Command In Terminal    sha256sum ${flashrom_path}
     ${sha256}=    Set Variable    ${out_sha256sum.split()}[0]
     IF    '${sha256}' != '8e57fee6578dd31684da7f1afd6f5e5b1d964bb6db52b3a9ec038a7292802ae9'
-        Download File    https://cloud.3mdeb.com/index.php/s/fsPNM8SpDjATMrW/download    ${flashrom_path}
+        Send File To DUT    ${TEST_DATA_DIR}/coreboot-tools/flashrom    ${flashrom_path}
         Execute Command In Terminal    chmod 777 ${flashrom_path}
     END
 
-Get Cbfstool From Cloud
-    [Documentation]    Download cbfstool from the cloud
+Get Cbfstool
+    [Documentation]    Set up cbfstool on DUT.
     ${cbfstool_path}=    Set Variable    /usr/local/bin/cbfstool
     ${out_sha256sum}=    Execute Command In Terminal    sha256sum ${cbfstool_path}
     ${sha256}=    Set Variable    ${out_sha256sum.split()}[0]
     IF    '${sha256}' != 'e090051e71980620e6f2d2876532eb6fcf4346593260c0c1349a5be51181fb4f'
-        Download File    https://cloud.3mdeb.com/index.php/s/ScCf8XFLZYWBE25/download    ${cbfstool_path}
+        Send File To DUT    ${TEST_DATA_DIR}/coreboot-tools/cbfstool    ${cbfstool_path}
         Execute Command In Terminal    chmod 777 ${cbfstool_path}
     END
 

lib/QemuMonitor.py

@@ -42,6 +42,9 @@ def _send_cmd(self, command, **args):
         logger.trace(self._send("qmp_capabilities"))
         response = self._send(command, **args)
         self._close()
+        if "error" in response:
+            logger.error(f"Command '{command}' failed with error: {response['error']}")
+            raise RuntimeError(f"QEMU monitor error response: {response['error']['desc']}")
         return response
 
     def _send(self, command, **args):