[PATCH 3/3] tpm: Drop unwanted special cases for sandbox
Ilias Apalodimas
ilias.apalodimas at linaro.org
Mon Oct 30 12:42:49 CET 2023
On Sun, 29 Oct 2023 at 06:28, Simon Glass <sjg at chromium.org> wrote:
>
> These don't seem to be needed.
Please metnion something we can refer to in the future. e.g.
"A previous patch moves most of the sandbox tests to C code, those
arent needed anymore" etc
>
> Add a few notes about what to do next. Also mention parallel tests in
> at the top of thefile.
>
> Signed-off-by: Simon Glass <sjg at chromium.org>
> ---
>
> test/py/tests/test_tpm2.py | 44 +++++++++-----------------------------
> 1 file changed, 10 insertions(+), 34 deletions(-)
>
> diff --git a/test/py/tests/test_tpm2.py b/test/py/tests/test_tpm2.py
> index 522ed41de633..e01a05143b63 100644
> --- a/test/py/tests/test_tpm2.py
> +++ b/test/py/tests/test_tpm2.py
> @@ -27,6 +27,16 @@ behavior.
> * Setup env__tpm_device_test_skip to True if tests with TPM devices should be
> skipped.
>
> +Parallel tests
> +--------------
> +
> +These tests can be run in parallel on sandbox. In that case any action taken
> +by one test may be independent of another. For sandbox, care should be taken to
> +ensure that tests are independent.
> +
> +Unfortunately, tests cannot be made independent on real hardware, since there is
> +no way to reset the TPM other than restarting the board. Perhaps that would be
> +the best approach?
> """
>
> updates = 0
> @@ -50,11 +60,6 @@ def force_init(u_boot_console, force=False):
> u_boot_console.run_command('tpm2 clear TPM2_RH_PLATFORM')
> u_boot_console.run_command('echo --- end of init ---')
>
> -def is_sandbox(cons):
> - # Array slice removes leading/trailing quotes.
> - sys_arch = cons.config.buildconfig.get('config_sys_arch', '"sandbox"')[1:-1]
> - return sys_arch == 'sandbox'
> -
> @pytest.mark.buildconfigspec('cmd_tpm_v2')
> def test_tpm2_autostart(u_boot_console):
> """Init the software stack to use TPMv2 commands."""
> @@ -65,20 +70,6 @@ def test_tpm2_autostart(u_boot_console):
> output = u_boot_console.run_command('echo $?')
> assert output.endswith('0')
>
> -def tpm2_sandbox_init(u_boot_console):
> - """Put sandbox back into a known state so we can run a test
> -
> - This allows all tests to run in parallel, since no test depends on another.
> - """
> - u_boot_console.restart_uboot()
> - u_boot_console.run_command('tpm2 autostart')
> - output = u_boot_console.run_command('echo $?')
> - assert output.endswith('0')
> -
> - skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
> - if skip_test:
> - pytest.skip('skip TPM device test')
> -
> @pytest.mark.buildconfigspec('cmd_tpm_v2')
> def test_tpm2_clear(u_boot_console):
> """Execute a TPM2_Clear command.
> @@ -91,9 +82,6 @@ def test_tpm2_clear(u_boot_console):
> not have a password set, otherwise this test will fail. ENDORSEMENT and
> PLATFORM hierarchies are also available.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> -
> skip_test = u_boot_console.config.env.get('env__tpm_device_test_skip', False)
> if skip_test:
> pytest.skip('skip TPM device test')
> @@ -114,8 +102,6 @@ def test_tpm2_change_auth(u_boot_console):
> Use the LOCKOUT hierarchy for this. ENDORSEMENT and PLATFORM hierarchies are
> also available.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> force_init(u_boot_console)
>
> u_boot_console.run_command('tpm2 change_auth TPM2_RH_LOCKOUT unicorn')
> @@ -140,9 +126,6 @@ def test_tpm2_get_capability(u_boot_console):
> There is no expected default values because it would depend on the chip
> used. We can still save them in order to check they have changed later.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> -
> force_init(u_boot_console)
> ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -164,8 +147,6 @@ def test_tpm2_dam_parameters(u_boot_console):
> the authentication, otherwise the lockout will be engaged after the first
> failed authentication attempt.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> force_init(u_boot_console)
> ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -188,9 +169,6 @@ def test_tpm2_pcr_read(u_boot_console):
>
> Perform a PCR read of the 0th PCR. Must be zero.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> -
> force_init(u_boot_console)
> ram = u_boot_utils.find_ram_base(u_boot_console)
>
> @@ -217,8 +195,6 @@ def test_tpm2_pcr_extend(u_boot_console):
> No authentication mechanism is used here, not protecting against packet
> replay, yet.
> """
> - if is_sandbox(u_boot_console):
> - tpm2_sandbox_init(u_boot_console)
> force_init(u_boot_console)
> ram = u_boot_utils.find_ram_base(u_boot_console)
>
> --
> 2.42.0.820.g83a721a137-goog
>
With this rebased on top of patch #2 & master
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
More information about the U-Boot
mailing list