Hi Ilias, On Wed, 10 May 2023 at 01:44, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote: > > Currently we only read the pcr updates once on test_tpm2_pcr_read(). > It turns out that the tpm init sequence of force_init() which consists > of: > - tpm2 init > - tpm2 startup TPM2_SU_CLEAR > - tpm2 self_test full > - tpm2 clear TPM2_RH_LOCKOUT > > also counts as an update. Running this in the console verifies the > update bump > => tpm2 init > => tpm2 startup TPM2_SU_CLEAR > => tpm2 self_test full > => tpm pcr_read 10 $loadaddr > PCR #10 content (28 known updates): > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > => tpm2 clear TPM2_RH_LOCKOUT > => tpm pcr_read 10 $loadaddr > PCR #10 content (29 known updates): > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > => > > Instead of relying on the initial read do a read just before updating > the PCR to ensure we read the correct values before testing > > Signed-off-by: Ilias Apalodimas <ilias.apalodi...@linaro.org> > --- > test/py/tests/test_tpm2.py | 6 ++++++ > 1 file changed, 6 insertions(+)
Reviewed-by: Simon Glass <s...@chromium.org> How do these tests pass today? Or do they not? Regards, Simon