Conversation
krystian-hebel
left a comment
krystian-hebel
left a comment
There was a problem hiding this comment.
Those describe TPM2.0 only, and don't mention which PCR bank is considered.
docs/unified-test-documentation/dasharo-stability/C07-tpm-detection.md
Outdated
Show resolved
Hide resolved
| 1. Disconnect the power source, and remove the battery if present. | ||
| 1. Connect power and battery again. |
There was a problem hiding this comment.
If this is required, there are bigger problems with the platform...
| - PCR0 - PCR7 values should not be equal zero; they contains firmware | ||
| measurements, |
There was a problem hiding this comment.
Assumes UEFI, with legacy payload most of those PCRs are unused. I think only PCR2 is used in each case.
|
|
||
| - PCR0 - PCR7 values should not be equal zero; they contains firmware | ||
| measurements, | ||
| - PCR8, PCR9 and PCR14 values should not be equal zero; they contains GRUB |
There was a problem hiding this comment.
There was a problem hiding this comment.
Oh, PCR14 is used by MOK. Should be added to description.
| measurements, | ||
| - PCR8, PCR9 and PCR14 values should not be equal zero; they contains GRUB | ||
| measurements, | ||
| - PCR10 value should not be equal zero. |
There was a problem hiding this comment.
Only if IMA is enabled.
| - PCR10 value should not be equal zero. | ||
|
|
||
| 1. Between subsequent boots above mentioned PCRs values should remain unchanged, | ||
| except PCR10. |
There was a problem hiding this comment.
Why can PCR10 change here but not for earlier tests? 🤔
| 1. Power on the DUT. | ||
| 1. Boot into the system. | ||
| 1. Log into the system by using the proper login and password. | ||
| 1. Open a terminal window and run the following command: |
There was a problem hiding this comment.
What to do with results?
| measurements, | ||
| - PCR10 value should not be equal zero. | ||
|
|
||
| 1. Between subsequent boots above mentioned PCRs values should remain unchanged. |
There was a problem hiding this comment.
What is meant by "subsequent boots"? Is there expected to be a reboot between tests, or just S3 sleep? I also think that PCR10 may change here.
…d: add new test suite Signed-off-by: Przemyslaw Sulewski <przemyslaw.sulewski@3mdeb.com>
Signed-off-by: Przemyslaw Sulewski <przemyslaw.sulewski@3mdeb.com>
Mixss
force-pushed
the
tpm_stability_tests
branch
from
e131650 to
5a8a329
Compare
…d: fixed title Signed-off-by: Mixss <michal.ziemiec@3mdeb.com>
…d: removed legacy information Signed-off-by: Mixss <michal.ziemiec@3mdeb.com>
…d: updated PCR grub info Signed-off-by: Mixss <michal.ziemiec@3mdeb.com>
…d: updated PCR10 info Signed-off-by: Mixss <michal.ziemiec@3mdeb.com>
3 participants
No description provided.