These tests currently run in a particular sequence, with some of them
depending on the actions of earlier tests.
Add a check for sandbox and reset to a known state at the start of each
test, so that all tests can run in parallel.
Signed-off-by: Simon Glass <sjg@chromium.org>
u_boot_console.run_command('tpm2 clear TPM2_RH_PLATFORM')
u_boot_console.run_command('echo --- end of init ---')
u_boot_console.run_command('tpm2 clear TPM2_RH_PLATFORM')
u_boot_console.run_command('echo --- end of init ---')
+def is_sandbox(cons):
+ # Array slice removes leading/trailing quotes.
+ sys_arch = cons.config.buildconfig.get('config_sys_arch', '"sandbox"')[1:-1]
+ return sys_arch == 'sandbox'
+
@pytest.mark.buildconfigspec('cmd_tpm_v2')
def test_tpm2_init(u_boot_console):
"""Init the software stack to use TPMv2 commands."""
@pytest.mark.buildconfigspec('cmd_tpm_v2')
def test_tpm2_init(u_boot_console):
"""Init the software stack to use TPMv2 commands."""
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
pytest.skip('skip TPM device test')
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
pytest.skip('skip TPM device test')
u_boot_console.run_command('tpm2 init')
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
u_boot_console.run_command('tpm2 init')
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
Initiate the TPM internal state machine.
"""
Initiate the TPM internal state machine.
"""
+ u_boot_console.run_command('tpm2 startup TPM2_SU_CLEAR')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+def tpm2_sandbox_init(u_boot_console):
+ """Put sandbox back into a known state so we can run a test
+
+ This allows all tests to run in parallel, since no test depends on another.
+ """
+ u_boot_console.restart_uboot()
+ u_boot_console.run_command('tpm2 init')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
+ u_boot_console.run_command('tpm2 self_test full')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
@pytest.mark.buildconfigspec('cmd_tpm_v2')
@pytest.mark.buildconfigspec('cmd_tpm_v2')
-def test_tpm2_self_test_full(u_boot_console):
+def test_tpm2_sandbox_self_test_full(u_boot_console):
"""Execute a TPM2_SelfTest (full) command.
Ask the TPM to perform all self tests to also enable full capabilities.
"""
"""Execute a TPM2_SelfTest (full) command.
Ask the TPM to perform all self tests to also enable full capabilities.
"""
+ if is_sandbox(u_boot_console):
+ u_boot_console.restart_uboot()
+ u_boot_console.run_command('tpm2 init')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
+
+ u_boot_console.run_command('tpm2 startup TPM2_SU_CLEAR')
+ output = u_boot_console.run_command('echo $?')
+ assert output.endswith('0')
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
pytest.skip('skip TPM device test')
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
pytest.skip('skip TPM device test')
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
u_boot_console.run_command('tpm2 self_test continue')
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
u_boot_console.run_command('tpm2 self_test continue')
output = u_boot_console.run_command('echo $?')
assert output.endswith('0')
not have a password set, otherwise this test will fail. ENDORSEMENT and
PLATFORM hierarchies are also available.
"""
not have a password set, otherwise this test will fail. ENDORSEMENT and
PLATFORM hierarchies are also available.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
if skip_test:
Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are
also available.
"""
Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are
also available.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
force_init(u_boot_console)
u_boot_console.run_command('tpm2 change_auth TPM2_RH_LOCKOUT unicorn')
force_init(u_boot_console)
u_boot_console.run_command('tpm2 change_auth TPM2_RH_LOCKOUT unicorn')
There is no expected default values because it would depend on the chip
used. We can still save them in order to check they have changed later.
"""
There is no expected default values because it would depend on the chip
used. We can still save them in order to check they have changed later.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
the authentication, otherwise the lockout will be engaged after the first
failed authentication attempt.
"""
the authentication, otherwise the lockout will be engaged after the first
failed authentication attempt.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
Perform a PCR read of the 0th PCR. Must be zero.
"""
Perform a PCR read of the 0th PCR. Must be zero.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
No authentication mechanism is used here, not protecting against packet
replay, yet.
"""
No authentication mechanism is used here, not protecting against packet
replay, yet.
"""
+ if is_sandbox(u_boot_console):
+ tpm2_sandbox_init(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
force_init(u_boot_console)
ram = u_boot_utils.find_ram_base(u_boot_console)
projects / platform / kernel / u-boot.git / commitdiff