[PATCH 3/3] tpm: Drop unwanted special cases for sandbox

Ilias Apalodimas ilias.apalodimas at linaro.org
Mon Oct 30 12:42:49 CET 2023


On Sun, 29 Oct 2023 at 06:28, Simon Glass <sjg at chromium.org> wrote:
>
> These don't seem to be needed.

Please metnion something we can refer to in the future. e.g.
"A previous patch moves most of the sandbox tests to C code, those
arent needed anymore" etc

>
> Add a few notes about what to do next. Also mention parallel tests in
> at the top of thefile.
>
> Signed-off-by: Simon Glass <sjg at chromium.org>
> ---
>
>  test/py/tests/test_tpm2.py | 44 +++++++++-----------------------------
>  1 file changed, 10 insertions(+), 34 deletions(-)
>
> diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py
> index 522ed41de633..e01a05143b63 100644
> --- a/test/py/tests/test_tpm2.py
> +++ b/test/py/tests/test_tpm2.py
> @@ -27,6 +27,16 @@ behavior.
>  * Setup env__tpm_device_test_skip to True if tests with TPM devices should be
>  skipped.
>
> +Parallel tests
> +--------------
> +
> +These tests can be run in parallel on sandbox. In that case any action taken
> +by one test may be independent of another. For sandbox, care should be taken to
> +ensure that tests are independent.
> +
> +Unfortunately, tests cannot be made independent on real hardware, since there is
> +no way to reset the TPM other than restarting the board. Perhaps that would be
> +the best approach?
>  """
>
>  updates = 0
> @@ -50,11 +60,6 @@ def force_init(u_boot_console, force=False):
>              u_boot_console.run_command('tpm2 clear TPM2_RH_PLATFORM')
>          u_boot_console.run_command('echo --- end of init ---')
>
> -def is_sandbox(cons):
> -    # Array slice removes leading/trailing quotes.
> -    sys_arch = cons.config.buildconfig.get('config_sys_arch', '"sandbox"')[1:-1]
> -    return sys_arch == 'sandbox'
> -
>  @pytest.mark.buildconfigspec('cmd_tpm_v2')
>  def test_tpm2_autostart(u_boot_console):
>      """Init the software stack to use TPMv2 commands."""
> @@ -65,20 +70,6 @@ def test_tpm2_autostart(u_boot_console):
>      output = u_boot_console.run_command('echo $?')
>      assert output.endswith('0')
>
> -def tpm2_sandbox_init(u_boot_console):
> -    """Put sandbox back into a known state so we can run a test
> -
> -    This allows all tests to run in parallel, since no test depends on another.
> -    """
> -    u_boot_console.restart_uboot()
> -    u_boot_console.run_command('tpm2 autostart')
> -    output = u_boot_console.run_command('echo $?')
> -    assert output.endswith('0')
> -
> -    skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
> -    if skip_test:
> -        pytest.skip('skip TPM device test')
> -
>  @pytest.mark.buildconfigspec('cmd_tpm_v2')
>  def test_tpm2_clear(u_boot_console):
>      """Execute a TPM2_Clear command.
> @@ -91,9 +82,6 @@ def test_tpm2_clear(u_boot_console):
>      not have a password set, otherwise this test will fail. ENDORSEMENT and
>      PLATFORM hierarchies are also available.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
> -
>      skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
>      if skip_test:
>          pytest.skip('skip TPM device test')
> @@ -114,8 +102,6 @@ def test_tpm2_change_auth(u_boot_console):
>      Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are
>      also available.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
>      force_init(u_boot_console)
>
>      u_boot_console.run_command('tpm2 change_auth TPM2_RH_LOCKOUT unicorn')
> @@ -140,9 +126,6 @@ def test_tpm2_get_capability(u_boot_console):
>      There is no expected default values because it would depend on the chip
>      used. We can still save them in order to check they have changed later.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
> -
>      force_init(u_boot_console)
>      ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -164,8 +147,6 @@ def test_tpm2_dam_parameters(u_boot_console):
>      the authentication, otherwise the lockout will be engaged after the first
>      failed authentication attempt.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
>      force_init(u_boot_console)
>      ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -188,9 +169,6 @@ def test_tpm2_pcr_read(u_boot_console):
>
>      Perform a PCR read of the 0th PCR. Must be zero.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
> -
>      force_init(u_boot_console)
>      ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -217,8 +195,6 @@ def test_tpm2_pcr_extend(u_boot_console):
>      No authentication mechanism is used here, not protecting against packet
>      replay, yet.
>      """
> -    if is_sandbox(u_boot_console):
> -        tpm2_sandbox_init(u_boot_console)
>      force_init(u_boot_console)
>      ram = u_boot_utils.find_ram_base(u_boot_console)
>
> --
> 2.42.0.820.g83a721a137-goog
>

With this rebased on top of patch #2 & master
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>


More information about the U-Boot mailing list