snappy-hwe-snaps

Merge ~ssweeny/snappy-hwe-snaps/+git/engineering-tests:tpm1.2-test into ~snappy-hwe-team/snappy-hwe-snaps/+git/engineering-tests:master

  1. Git
  2. lp:~ssweeny/snappy-hwe-snaps/+git/engineering-tests
  3. tpm1.2-test
  4. Merge into master
Proposed by Scott Sweeny
Status: Merged
Approved by: Jim Hodapp
Approved revision: b5518bfd6c3f539fed99def2a2aad9d4f1269bf7
Merged at revision: d55bc9ae0b8c7db5d2014a2396fc95a1f88446f9
Proposed branch: ~ssweeny/snappy-hwe-snaps/+git/engineering-tests:tpm1.2-test
Merge into: ~snappy-hwe-team/snappy-hwe-snaps/+git/engineering-tests:master
Diff against target: 188 lines (+146/-0)
4 files modified
README.md (+3/-0)
bin/run-tpm1.2-tests (+5/-0)
snapcraft.yaml (+2/-0)
tests/units/tpm1.2.pxu (+136/-0)
Reviewer Review Type Date Requested Status
Jim Hodapp (community) code Approve
System Enablement Bot continuous-integration Needs Fixing
Review via email: mp+306937@code.launchpad.net

Commit message

Add TPM 1.2 tests

Currently tested are:
 * Interfaces are connected
 * Can get TPM chip version info
 * Can run TPM self test
 * Can take ownership
 * Can access the public endorsement key

Description of the change

Add TPM 1.2 tests

Currently tested are:
 * Interfaces are connected
 * Can get TPM chip version info
 * Can run TPM self test
 * Can take ownership
 * Can access the public endorsement key

To post a comment you must log in.
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:b8e45b73e3ac833734a7b11bc7d4b5aed8ee9144
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/118/
Executed test runs:
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/19/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/118/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:b8e45b73e3ac833734a7b11bc7d4b5aed8ee9144
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/119/
Executed test runs:
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/20/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/119/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
Jim Hodapp (jhodapp) wrote :

Please make sure to update the README.md file appropriately.

review: Needs Fixing
Revision history for this message
Scott Sweeny (ssweeny) wrote :

Done.

Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:d402f4f54bedeb8ff89dbfab5f1b1f12093de448
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/126/
Executed test runs:
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/27/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/126/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
Scott Sweeny (ssweeny) wrote :

ACTUALLY done now.

Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:b5518bfd6c3f539fed99def2a2aad9d4f1269bf7
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/127/
Executed test runs:
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/28/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/127/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
Jim Hodapp (jhodapp) wrote :

Looks very good, thanks Scott.

review: Approve (code)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/README.md b/README.md
2index ac21873..b7048a4 100644
3--- a/README.md
4+++ b/README.md
5@@ -9,7 +9,9 @@ the snaps produced by the System Enablement team at Canonical.
6
7 It currently covers test cases for the following snaps
8
9+ * modem-manager
10 * wifi-ap
11+ * tpm1.2
12
13 ## How can I run the tests?
14
15@@ -31,6 +33,7 @@ categories related to the command's name.
16 $ /snap/bin/canonical-se-engineering-tests.run
17 $ /snap/bin/canonical-se-engineering-tests.modem-manager
18 $ /snap/bin/canonical-se-engineering-tests.wifi-ap
19+ $ /snap/bin/canonical-se-engineering-tests.tpm1-2
20
21 ## How can I contribute new tests?
22
23diff --git a/bin/run-tpm1.2-tests b/bin/run-tpm1.2-tests
24new file mode 100755
25index 0000000..afdfd53
26--- /dev/null
27+++ b/bin/run-tpm1.2-tests
28@@ -0,0 +1,5 @@
29+#!/bin/sh
30+export PATH="$PATH:$SNAP/usr/sbin"
31+exec python3 $(which plainbox) \
32+ run -i '2016.com.canonical.system-enablement::tpm1.2.*' \
33+ "$@"
34diff --git a/snapcraft.yaml b/snapcraft.yaml
35index 7339b38..7c6eac9 100644
36--- a/snapcraft.yaml
37+++ b/snapcraft.yaml
38@@ -18,6 +18,8 @@ apps:
39 command: bin/run-wifi-ap-tests
40 modem-manager:
41 command: bin/run-modem-manager-tests
42+ tpm1-2:
43+ command: bin/run-tpm1.2-tests
44
45 parts:
46 common:
47diff --git a/tests/units/tpm1.2.pxu b/tests/units/tpm1.2.pxu
48new file mode 100644
49index 0000000..c5c18b8
50--- /dev/null
51+++ b/tests/units/tpm1.2.pxu
52@@ -0,0 +1,136 @@
53+# Copyright 2016 Canonical Ltd.
54+# All rights reserved.
55+#
56+# Written by:
57+# Scott Sweeny <scott.sweeny@canonical.com>
58+
59+unit: category
60+id: tpm1.2
61+_name: TPM 1.2
62+
63+id: tpm1.2/setup/ensure_interface_connection_setup
64+category_id: tpm1.2
65+_description: Ensure that the tpm1.2 interfaces are connected
66+plugin: manual
67+_steps:
68+ 1. Connect required tpm1.2 slots/plugs
69+ .
70+ $ sudo snap connect tpm:network ubuntu-core:network
71+ $ sudo snap connect tpm:network-bind ubuntu-core:network-bind
72+ $ sudo snap connect tpm:tpm ubuntu-core:tpm
73+ .
74+_verification:
75+ Verify that you see the following when running snap interfaces:
76+ :network tpm
77+ :network-bind tpm
78+ :tpm tpm
79+
80+id: tpm1.2/setup/get_version
81+category_id: tpm1.2
82+plugin: manual
83+depends: tpm1.2/setup/ensure_interface_connection_setup
84+_summary: Can get version information from the TPM chip
85+_purpose:
86+ Check that basic communication with the TPM chip is working and that version
87+ information can be retrieved with the expected command.
88+_steps:
89+ 1. Execute the following command to show the TPM version:
90+ .
91+ $ /snap/bin/tpm.version
92+_verification:
93+ Output is similar to below with all fields showing data:
94+ .
95+ �z TPM 1.2 Version Info:
96+ Chip Version: 1.2.5.81
97+ Spec Level: 2
98+ Errata Revision: 3
99+ TPM Vendor ID: WEC
100+ Vendor Specific data: 0000
101+ TPM Version: 01010000
102+ Manufacturer Info: 57454300
103+
104+id: tpm1.2/setup/self_test
105+category_id: tpm1.2
106+plugin: manual
107+depends: tpm1.2/setup/ensure_interface_connection_setup
108+_summary: TPM self test runs successfully
109+_purpose:
110+ Check that the TPM self test runs successfully and returns no errors.
111+_steps:
112+ 1. Execute the following command to run the TPM self test:
113+ .
114+ $ /snap/bin/tpm.selftest
115+_verification:
116+ Output is similar to below (actual values are not important) and no
117+ error messages are shown:
118+ .
119+ TPM Test Results:
120+ ff010205 51ffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff
121+ ffffffff ffffffff ffffffff ffff0000 00000000 00000000 00000000 00000000
122+ 00000000 00000000 00000000 00000000 00000000 00000000 00000000 0000
123+
124+
125+id: tpm1.2/configuration/take_ownership
126+category_id: tpm1.2
127+plugin: manual
128+depends: tpm1.2/setup/ensure_interface_connection_setup
129+_summary: Taking ownership of the device is possible
130+_purpose:
131+ Check that you are able to take ownership of the device using TPM commands.
132+_steps:
133+ 1.Execute the following command to take ownership of the TPM chip:
134+ .
135+ $ /snap/bin/tpm.takeownership
136+ .
137+_verification:
138+ Verify that you are prompted for both the owner key and the SRK (storage
139+ root key) and that no errors are returned.
140+ .
141+ NOTE: This command will only work if it has not been run before. You can
142+ reset the TPM with:
143+ .
144+ $ /snap/bin/tpm.clear
145+ .
146+ Which will invalidate all existing keys and passwords and disable the chip.
147+ Once this is done you must re-enable the TPM from the device's BIOS before
148+ it can be used.
149+
150+id: tpm1.2/crypto/show_public_key
151+category_id: tpm1.2
152+plugin: manual
153+depends: tpm1.2/setup/ensure_interface_connection_setup
154+_summary: Showing the public endorsement key succeeds
155+_purpose:
156+ Check to make sure that the endorsement key pair exists and the public key
157+ can be queried.
158+_steps:
159+ 1. Execute the following command to see the public key:
160+ .
161+ $ /snap/bin/tpm.getpubek
162+ .
163+ You may see an error similar to:
164+ .
165+ Tspi_TPM_GetPubEndorsementKey failed: 0x00000008 - layer=tpm, code=0008 (8), The TPM target command has been disabled
166+ .
167+ This can be safely ignored as long as the public key data is displayed.
168+_verification:
169+ Verify that the public key data is shown, for example:
170+ .
171+ Public Endorsement Key:
172+ Version: 01010000
173+ Usage: 0x0002 (Unknown)
174+ Flags: 0x00000000 (!VOLATILE, !MIGRATABLE, !REDIRECTION)
175+ AuthUsage: 0x00 (Never)
176+ Algorithm: 0x00000020 (Unknown)
177+ Encryption Scheme: 0x00000012 (Unknown)
178+ Signature Scheme: 0x00000010 (Unknown)
179+ Public Key:
180+ 8b59fad6 83514128 d56e2aa0 5eef7cff ad23c90d 0dd9b1e2 31ef093d 72d947d8
181+ e02fbe3a 3c235ff0 9c487973 40a28c9b 8b83aaaf dc1254ad 31a95410 811742e5
182+ 92c16823 6f663413 f7067d3a 9af09ccc 12944a13 51d32980 59a98740 4008ab0c
183+ 07b7d93b 9393691c 8ae7d84c 5fd4fcef 147934f1 09326225 d5d1b652 ab3e12ee
184+ fbd1cfba b18abedc de2215cb 97006b92 839fd9a4 3158bc8f 028fe516 550905b3
185+ e3eef1e1 9f8dd3ab 331cbe62 d32ce937 0c11ad41 1d2e50f3 c69c7cde cd0bf564
186+ 4b7b16f8 0885dc66 d4411aba a824c1f1 ea8aa743 5c62fad7 e9540b85 5c0dc7af
187+ 3c1615ae 56af18e4 770aa107 06ef274b 202e2e3e d4c280d8 5ca9e886 9d889e31
188+

Subscribers

People subscribed via source and target branches

to all changes: