[PATCH 7/9] test: use a non system PCR for testing PCR extend
Ilias Apalodimas
ilias.apalodimas at linaro.org
Wed May 10 17:26:35 CEST 2023
Hi Simon,
On Wed, 10 May 2023 at 17:32, Simon Glass <sjg at chromium.org> wrote:
>
> Hi Ilias,
>
> On Wed, 10 May 2023 at 01:44, Ilias Apalodimas
> <ilias.apalodimas at linaro.org> wrote:
> >
> > We currently use PCR 0 for testing the PCR read/extend functionality in
> > our selftests. How ever those PCRs are defined by the TCG spec for
> > platform use. For example if the tests run *after* the efi subsystem
> > initialization, which extends PCRs 0 & 7 it will give a false positive.
> >
> > So let's switch over to a PCR which is more suitable and is defined for
> > OS use. It's worth noting that we are using PCR10 here, since PCR9 is
> > used internally by U-Boot if we choose to measure the loaded DTB
> >
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> > ---
> > test/py/tests/test_tpm2.py | 14 +++++++-------
> > 1 file changed, 7 insertions(+), 7 deletions(-)
>
> We should be able to reset the tpm emulator in state_reset_for_test().
That's irrelevant to the current patchset though. It's also not true
for non sandbox testing, so I think we should just change the PCR we
do our measurements on
Thanks
/Ilias
>
> Regards,
> Simon
More information about the U-Boot
mailing list