2021-11-25 00:40:49

by Stefan Berger

[permalink] [raw]
Subject: [PATCH v3 0/3] selftests: tpm2: Probe for available PCR bank

From: Stefan Berger <[email protected]>

This series of patches fixes two issues with TPM2 selftest.
- Probes for available PCR banks
- Resets DA lock on TPM2 to avoid subsequent test failures

It also extends the test cases with support for SHA-384 and SHA-512
PCR banks.

Stefan

v3:
- Mention SHA-256 PCR bank as alternative in patch 1 description

v2:
- Clarified patch 1 description
- Added patch 3 with support for SHA-384 and SHA-512

Stefan Berger (3):
selftests: tpm2: Probe for available PCR bank
selftests: tpm2: Reset the dictionary attack lock
selftests: tpm2: Add support for SHA-384 and SHA-512

tools/testing/selftests/tpm2/tpm2.py | 12 ++++++-
tools/testing/selftests/tpm2/tpm2_tests.py | 37 +++++++++++++++++-----
2 files changed, 40 insertions(+), 9 deletions(-)

--
2.31.1



2021-11-25 00:40:49

by Stefan Berger

[permalink] [raw]
Subject: [PATCH v3 2/3] selftests: tpm2: Reset the dictionary attack lock

From: Stefan Berger <[email protected]>

Reset the dictionary attack lock to avoid the following types of test
failures after running the test 2 times:

======================================================================
ERROR: test_unseal_with_wrong_policy (tpm2_tests.SmokeTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2_tests.py", line 105, in test_unseal_with_wrong_policy
blob = self.client.seal(self.root_key, data, auth, policy_dig)
File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2.py", line 620, in seal
rsp = self.send_cmd(cmd)
File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2.py", line 397, in send_cmd
raise ProtocolError(cc, rc)
tpm2.ProtocolError: TPM_RC_LOCKOUT: cc=0x00000153, rc=0x00000921

Signed-off-by: Stefan Berger <[email protected]>
---
tools/testing/selftests/tpm2/tpm2_tests.py | 1 +
1 file changed, 1 insertion(+)

diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py
index 6b88ff0e47b9..ae88d8866e5d 100644
--- a/tools/testing/selftests/tpm2/tpm2_tests.py
+++ b/tools/testing/selftests/tpm2/tpm2_tests.py
@@ -104,6 +104,7 @@ class SmokeTest(unittest.TestCase):
policy_dig = self.client.get_policy_digest(handle)
finally:
self.client.flush_context(handle)
+ self.client.reset_da_lock()

blob = self.client.seal(self.root_key, data, auth, policy_dig)

--
2.31.1