Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Fix use of PCR16 #2879

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fix use of PCR16 #2879

wants to merge 2 commits into from

Conversation

AndreasFuchsTPM
Copy link
Member

Fixes: #2877

@AndreasFuchsTPM
Test: Reset PCR16 upon test exit
cc18b1a 
Signed-off-by: Andreas Fuchs <andreas.fuchs@infineon.com>
@AndreasFuchsTPM AndreasFuchsTPM added this to the 4.2.0 milestone Jul 31, 2024
@AndreasFuchsTPM
Test: Add pre and post check for PCR16 to be empty
6a78aa7 
The test harness for integration tests now check before and after
every integration test invocation if PCR16 is empty to begin but
also after the test.

Signed-off-by: Andreas Fuchs <andreas.fuchs@infineon.com>
joholl
joholl approved these changes Aug 2, 2024
View reviewed changes
Copy link
Collaborator

@joholl joholl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments, but nothing major.

test/integration/test-common.c
}

if (pcr_values.count != 1) {
LOG_ERROR("TPM2_PCR_Read for PCR 16 in SHA256 did not return a value");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you forget a return EXIT_ERROR; here?

test/integration/test-common.c
TSS2_RC rc;
TPML_DIGEST pcr_values = { 0 };
TPML_PCR_SELECTION pcr_selection = { .count=1, .pcrSelections = { { .hash = TPM2_ALG_SHA256, .sizeofSelect = 3, .pcrSelect = { 0 } } } };
pcr_selection.pcrSelections[0].pcrSelect[(16 / 8)] = 1 << (16 % 8);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we not have a macro for this?

test/integration/test-common.c
@@ -44,7 +46,7 @@ struct {
};

struct tpm_state {
TPMS_CAPABILITY_DATA capabilities[7];
TPMS_CAPABILITY_DATA capabilities[sizeof(capabilities_to_dump) / sizeof(capabilities_to_dump[0])];
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ARRAY_LEN() is defined in src/util/aux_util.h

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@joholl joholl joholl approved these changes

@JuergenReppSIT JuergenReppSIT Awaiting requested review from JuergenReppSIT

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
4.2.0
Development

Successfully merging this pull request may close these issues.

Tests: Add check for PCR16==0x000..000 to pre test checks
2 participants
@AndreasFuchsTPM @joholl