Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test TPM in verification image #3971

Merged
merged 1 commit into from
Jun 14, 2024
Merged

Test TPM in verification image #3971

merged 1 commit into from
Jun 14, 2024

Conversation

shjala
Copy link
Member

@shjala shjala commented Jun 11, 2024
edited
Loading

This PR adds recover-tpm tool in debug container for general use and references it in verification image to run some tests on the TPM hardware. Tests are done in a new script verifytpm.sh, it tests all the TPM operations that are critical for EVE and make sure all function well, in addition it runs a small stress test on TPM to make sure key generation and key derivation operations work fine even after a few dozen repeated operations .

Needs to be merged after #3867

@shjala shjala requested a review from rouming as a code owner June 11, 2024 10:26
@shjala shjala force-pushed the recovertpm-in-verif branch 2 times, most recently from 6da803c to d55cd9f Compare June 11, 2024 10:33
eriknordmark
eriknordmark reviewed Jun 11, 2024
View reviewed changes
pkg/debug/Dockerfile Outdated Show resolved Hide resolved
eriknordmark
eriknordmark approved these changes Jun 11, 2024
View reviewed changes
Copy link
Contributor

@eriknordmark eriknordmark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some hadolint and shellcheck issues to look at.

@shjala
Copy link
Member Author

shjala commented Jun 11, 2024

Some hadolint and shellcheck issues to look at.

I'll run some test to make sure verification image works fine, then fix the complains.

@shjala
Copy link
Member Author

shjala commented Jun 12, 2024
edited
Loading

#3867 didn't publish a riscv64 version to dockerhub, despite successful riscv64 build on the PR build!

If we merge this riscv64 builds on master will break. Need to figure that out first.

@shjala
Copy link
Member Author

shjala commented Jun 12, 2024
edited
Loading

This should go after #3979

eriknordmark
eriknordmark approved these changes Jun 12, 2024
View reviewed changes
Copy link
Contributor

@eriknordmark eriknordmark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Run again

@shjala shjala force-pushed the recovertpm-in-verif branch 2 times, most recently from df2d20d to d695f18 Compare June 13, 2024 11:57
@shjala
Test TPM hardware in verification image
713f925 
Utilize the tpm-recovery tool to run tests on
TPM hardware and make sure operations that are used
by EVE are all functional and available.

Signed-off-by: Shahriyar Jalayeri <shahriyar@zededa.com>
@shjala
Copy link
Member Author

shjala commented Jun 13, 2024
edited
Loading

  • Fixed yetus complains.
  • Added copyright and licence line.
  • Squashed commits.

@eriknordmark eriknordmark merged commit c72afb2 into lf-edge:master Jun 14, 2024
22 of 32 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rouming rouming rouming approved these changes

@jsfakian jsfakian Awaiting requested review from jsfakian

@eriknordmark eriknordmark Awaiting requested review from eriknordmark eriknordmark is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@shjala @rouming @eriknordmark