[PATCH 2/2] selftests: tpm2: Extend tests to cover partial reads
Jarkko Sakkinen
jarkko.sakkinen at linux.intel.com
Mon Feb 11 16:48:03 UTC 2019
You are missing a cover letter from this patch set. Please have it in
v2. Also use tag "selftests/tpm2" instead of having two tags in the
short summaries. Now they look a bit weird.
On Tue, Feb 05, 2019 at 12:28:39PM -0800, Tadeusz Struk wrote:
> Three new tests added:
> 1. Send get random cmd, read header in 1st read, read the rest in second
> read - expect success
> 2. Send get random cmd, read only part of the response, send another
> get random command, read the response - expect success
> 3. Send get random cmd followed by another get random cmd, without
> reading the first response - expect the second cmd to fail with -EBUSY
>
> Signed-off-by: Tadeusz Struk <tadeusz.struk at intel.com>
> ---
> tools/testing/selftests/tpm2/tpm2.py | 1
> tools/testing/selftests/tpm2/tpm2_tests.py | 82 ++++++++++++++++++++++++++++
> 2 files changed, 83 insertions(+)
>
> diff --git a/tools/testing/selftests/tpm2/tpm2.py b/tools/testing/selftests/tpm2/tpm2.py
> index c2b9f2b1a0ac..828c18584624 100644
> --- a/tools/testing/selftests/tpm2/tpm2.py
> +++ b/tools/testing/selftests/tpm2/tpm2.py
> @@ -22,6 +22,7 @@ TPM2_CC_UNSEAL = 0x015E
> TPM2_CC_FLUSH_CONTEXT = 0x0165
> TPM2_CC_START_AUTH_SESSION = 0x0176
> TPM2_CC_GET_CAPABILITY = 0x017A
> +TPM2_CC_GET_RANDOM = 0x017B
> TPM2_CC_PCR_READ = 0x017E
> TPM2_CC_POLICY_PCR = 0x017F
> TPM2_CC_PCR_EXTEND = 0x0182
> diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py
> index 3bb066fea4a0..3f6a65cbdd39 100644
> --- a/tools/testing/selftests/tpm2/tpm2_tests.py
> +++ b/tools/testing/selftests/tpm2/tpm2_tests.py
> @@ -158,6 +158,88 @@ class SmokeTest(unittest.TestCase):
> pass
> self.assertEqual(rejected, True)
>
> + def test_read_partial_resp(self):
> + """Reads random in two subsequent reads"""
> + log = logging.getLogger(__name__)
> + try:
> + fmt = '>HIIH'
> + cmd = struct.pack(fmt,
> + tpm2.TPM2_ST_NO_SESSIONS,
> + struct.calcsize(fmt),
> + tpm2.TPM2_CC_GET_RANDOM,
> + 0x20)
> + self.client.tpm.write(cmd)
> + hdr = self.client.tpm.read(10)
> + sz = struct.unpack('>I', hdr[2:6])[0]
> + rsp = self.client.tpm.read()
8<
> + log.debug("header:")
> + log.debug(tpm2.hex_dump(hdr))
> + log.debug("resp:")
> + log.debug(tpm2.hex_dump(rsp))
Remove.
> + except:
8<
> + log.debug("Error:", sys.exc_info()[0])
Remove.
> + raise
> +
> + self.assertEqual(sz, 10 + 2 + 32)
> + self.assertEqual(len(rsp), 2 + 32)
> +
> + def test_read_partial_overwrite(self):
> + """Reads only part of the response and issue a new cmd"""
> + log = logging.getLogger(__name__)
> + try:
> + fmt = '>HIIH'
> + cmd = struct.pack(fmt,
> + tpm2.TPM2_ST_NO_SESSIONS,
> + struct.calcsize(fmt),
> + tpm2.TPM2_CC_GET_RANDOM,
> + 0x20)
> + self.client.tpm.write(cmd)
> + # Read part of the respone
> + rsp1 = self.client.tpm.read(15)
8<
> + log.debug("rsp 1:")
> + log.debug(tpm2.hex_dump(rsp1))
Remove.
> +
> + # Send a new cmd
> + self.client.tpm.write(cmd)
> +
> + # Read the whole respone
> + rsp2 = self.client.tpm.read()
8<
> + log.debug("rsp 2:")
> + log.debug(tpm2.hex_dump(rsp2))
Remove.
> +
> + except:
8<
> + log.debug("Error:", sys.exc_info()[0])
Remove.
> + raise
> +
> + self.assertEqual(len(rsp1), 15)
> + self.assertEqual(len(rsp2), 10 + 2 + 32)
> +
> + def test_send_two_cmds(self):
> + """Send two cmds without reading a response"""
> + rejected = False
> + try:
> + fmt = '>HIIH'
> + cmd = struct.pack(fmt,
> + tpm2.TPM2_ST_NO_SESSIONS,
> + struct.calcsize(fmt),
> + tpm2.TPM2_CC_GET_RANDOM,
> + 0x20)
> + self.client.tpm.write(cmd)
> +
> + # expect the second one to raise -EBUSY error
> + self.client.tpm.write(cmd)
> + rsp = self.client.tpm.read()
> +
> + except IOError, e:
> + # read the response
> + rsp = self.client.tpm.read()
> + rejected = True
> + pass
> + except:
> + raise
> +
> + self.assertEqual(rejected, True)
> +
> class SpaceTest(unittest.TestCase):
> def setUp(self):
> logging.basicConfig(filename='SpaceTest.log', level=logging.DEBUG)
>
/Jarkko
More information about the Linux-security-module-archive
mailing list