[PATCH 7/9] test: use a non system PCR for testing PCR extend

[Simon Glass]

On Wed, 10 May 2023 at 09:27, Ilias Apalodimas
<ilias.apalodimas at linaro.org> wrote:
>
> Hi Simon,
>
> On Wed, 10 May 2023 at 17:32, Simon Glass <sjg at chromium.org> wrote:
> >
> > Hi Ilias,
> >
> > On Wed, 10 May 2023 at 01:44, Ilias Apalodimas
> > <ilias.apalodimas at linaro.org> wrote:
> > >
> > > We currently use PCR 0 for testing the PCR read/extend functionality in
> > > our selftests.  How ever those PCRs are defined by the TCG spec for
> > > platform use.  For example if the tests run *after* the efi subsystem
> > > initialization, which extends PCRs 0 & 7 it will give a false positive.
> > >
> > > So let's switch over to a PCR which is more suitable and is defined for
> > > OS use.  It's worth noting that we are using PCR10 here, since PCR9 is
> > > used internally by U-Boot if we choose to measure the loaded DTB
> > >
> > > Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> > > ---
> > >  test/py/tests/test_tpm2.py | 14 +++++++-------
> > >  1 file changed, 7 insertions(+), 7 deletions(-)
> >
> > We should be able to reset the tpm emulator in state_reset_for_test().
>
> That's irrelevant to the current patchset though.  It's also not true
> for non sandbox testing, so I think we should just change the PCR we
> do our measurements on

I don't see much point in running this test on real hardware, unless
you are checking that the test is actually sane. But so long as it
doesn't break anything, this seems fine to me.

Reviewed-by: Simon Glass <sjg at chromium.org>