| Index: autotest/client/hardware_TPMCheck/hardware_TPMCheck.py
|
| diff --git a/autotest/client/hardware_TPMCheck/hardware_TPMCheck.py b/autotest/client/hardware_TPMCheck/hardware_TPMCheck.py
|
| index f2fae7e968789a41f5a106013ade96d6aee5dcec..ead4b6235f91dfebc550b8861db7d7eaf240c7cf 100644
|
| --- a/autotest/client/hardware_TPMCheck/hardware_TPMCheck.py
|
| +++ b/autotest/client/hardware_TPMCheck/hardware_TPMCheck.py
|
| @@ -2,10 +2,23 @@
|
| # Use of this source code is governed by a BSD-style license that can be
|
| # found in the LICENSE file.
|
|
|
| -import os, re
|
| +import logging, os, re
|
| from autotest_lib.client.bin import test, utils
|
| from autotest_lib.client.common_lib import error
|
|
|
| +def old_or_missing_firmware_version():
|
| + f = open("/sys/devices/platform/chromeos_acpi/FWID")
|
| + if not f:
|
| + return True
|
| + version = f.readline().strip()
|
| + logging.info("firmware version: %s", version)
|
| + # Expect a dot-separated list of 6 elements. Discard 1st element.
|
| + v = re.split("\.", version)[1:]
|
| + w = re.split("\.", "any-nickname.03.60.1118.0036.")[1:]
|
| + if len(v) != len(w):
|
| + raise error.TestError("malformed firmware version %s" % version)
|
| + return v < w
|
| +
|
| def dict_from_command(command):
|
| dict = {}
|
| out = os.popen(command)
|
| @@ -19,29 +32,53 @@ def dict_from_command(command):
|
|
|
| def expect(d, key, value):
|
| if (d[key] != value):
|
| - utils.system("start tcsd", ignore_status=True)
|
| - raise error.TestError("expecting %s = %s, receiving %s = %s" %
|
| + raise error.TestError("expecting %s = %s, observing %s = %s" %
|
| (key, value, key, d[key]))
|
|
|
| +def checkp(space, permission):
|
| + c = "tpmc getp %s" % space
|
| + l = os.popen(c).readline()
|
| + if (not re.match(".*%s" % permission, l)):
|
| + raise error.TestError("invalid response to %s: %s" % (c, l))
|
| +
|
| class hardware_TPMCheck(test.test):
|
| version = 1
|
|
|
| def run_once(self):
|
| - utils.system("stop tcsd", ignore_status=True)
|
| -
|
| - d = dict_from_command("tpmc getvf");
|
| - expect(d, "deactivated", "0")
|
| - expect(d, "physicalPresence", "0")
|
| - expect(d, "physicalPresenceLock", "1")
|
| - expect(d, "bGlobalLock", "1")
|
| -
|
| - d = dict_from_command("tpmc getpf");
|
| - expect(d, "disable", "0")
|
| - expect(d, "ownership", "1")
|
| - expect(d, "deactivated", "0")
|
| - expect(d, "physicalPresenceHWEnable", "0")
|
| - expect(d, "physicalPresenceCMDEnable", "1")
|
| - expect(d, "physicalPresenceLifetimeLock", "1")
|
| - expect(d, "nvLocked", "1")
|
| -
|
| - utils.system("start tcsd", ignore_status=True)
|
| +
|
| + if old_or_missing_firmware_version():
|
| + logging.warning("skipping test because firmware " +
|
| + "version missing or deemed too old")
|
| + return
|
| +
|
| + try:
|
| + utils.system("stop tcsd", ignore_status=True)
|
| +
|
| + # Check volatile (ST_CLEAR) flags
|
| + d = dict_from_command("tpmc getvf");
|
| + expect(d, "deactivated", "0")
|
| + expect(d, "physicalPresence", "0")
|
| + expect(d, "physicalPresenceLock", "1")
|
| + expect(d, "bGlobalLock", "1")
|
| +
|
| + # Check permanent flags
|
| + d = dict_from_command("tpmc getpf");
|
| + expect(d, "disable", "0")
|
| + expect(d, "ownership", "1")
|
| + expect(d, "deactivated", "0")
|
| + expect(d, "physicalPresenceHWEnable", "0")
|
| + expect(d, "physicalPresenceCMDEnable", "1")
|
| + expect(d, "physicalPresenceLifetimeLock", "1")
|
| + expect(d, "nvLocked", "1")
|
| +
|
| + # Check space permissions
|
| + checkp("0x1007", "0x8001")
|
| + checkp("0x1008", "0x1")
|
| +
|
| + # Check kernel space UID
|
| + l = os.popen("tpmc read 0x1008 0x5").readline()
|
| + if (not re.match(".* 4c 57 52 47$", l)):
|
| + raise error.TestError("invalid kernel space UID: %s" % l)
|
| +
|
| + finally:
|
| + utils.system("start tcsd", ignore_status=True)
|
|
|
Chromium Code Reviews
Issue 3593012:
Add checking of space permissions and kernel space unique ID (Closed)
Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git