Hi Masahisa, On Fri, 22 Oct 2021 at 05:23, Masahisa Kojima <masahisa.koj...@linaro.org> wrote: > > This patch series adds the selftest for the EFI_TCG2_PROTOCOL and > Measured Boot flow. > This selftest is verified on qemu with swtpm.
Is this in CI? Where are the instructions for doing this? I have expressed my preference for expanding the in-tree emulator to handle this. Regards, Simon > > This covers most of the functionalities, but there are some > limitations and TODO items. > > [Limitation] > - tcg2 selftest must run at the beginning of the efi_selftest because > some measurement occurs in efi_tcg2_register() and boottime->image_load(). > Need to configure the efi_selftest with "setenv efi_selftest tcg2; bootefi > selftest" > - Skip ExitBootService measurement test > - EFI application can not read PCR after calling ExitBootService > - Skip EventLog Validation > - Measured Boot measures U-Boot version, so EventLog varies every build > having > different commit hash. > - Skip PCR[0] validation > - PCR[0] include U-Boot version measurement, this value varies every build > having different commit hash. > - Skip PCR[7] validation > - Secure Boot Variables can not be updated through efi_selftest. > - The initial PCR value of PCR[17 - 22] is all 0xff, I'm not sure > it is expected or not. > > [TODO] > - GPT measurement test > - Secure Boot Variable test > - Eventlog validation > > Masahisa Kojima (2): > efi_loader: add missing const qualifier > efi_selftest: add selftest for EFI_TCG2_PROTOCOL and Measured Boot > > include/efi_api.h | 2 +- > lib/efi_loader/efi_boottime.c | 5 +- > lib/efi_selftest/Makefile | 10 + > .../efi_selftest_miniapp_measuredboot.c | 93 ++ > lib/efi_selftest/efi_selftest_tcg2.c | 804 +++++++++++++++++- > 5 files changed, 910 insertions(+), 4 deletions(-) > create mode 100644 lib/efi_selftest/efi_selftest_miniapp_measuredboot.c > > -- > 2.17.1 >
