| // Copyright 2020 The Chromium OS Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| package hwsec |
| |
| import ( |
| "context" |
| |
| "chromiumos/tast/common/hwsec" |
| hwsecremote "chromiumos/tast/remote/hwsec" |
| "chromiumos/tast/testing" |
| ) |
| |
| func init() { |
| testing.AddTest(&testing.Test{ |
| Func: ClearOwnership, |
| Desc: "Verifies that the TPM ownership can be cleared", |
| Contacts: []string{"cylai@chromium.org", "cros-hwsec@google.com"}, |
| SoftwareDeps: []string{"reboot", "tpm"}, |
| Attr: []string{"group:hwsec_destructive_func"}, |
| ServiceDeps: []string{"tast.cros.hwsec.AttestationDBusService"}, |
| }) |
| } |
| |
| func ClearOwnership(ctx context.Context, s *testing.State) { |
| r := hwsecremote.NewCmdRunner(s.DUT()) |
| |
| helper, err := hwsecremote.NewFullHelper(r, s.DUT(), s.RPCHint()) |
| if err != nil { |
| s.Fatal("Helper creation error: ", err) |
| } |
| |
| attestation := helper.AttestationClient() |
| |
| s.Log("Start resetting TPM if needed") |
| if err := helper.EnsureTPMIsReset(ctx); err != nil { |
| s.Fatal("Failed to ensure resetting TPM: ", err) |
| } |
| s.Log("TPM is confirmed to be reset") |
| |
| if result, err := attestation.IsPreparedForEnrollment(ctx); err != nil { |
| s.Fatal("Cannot check if enrollment preparation is reset: ", err) |
| } else if result { |
| s.Fatal("Enrollment preparation is not reset after clearing ownership") |
| } |
| s.Log("Enrolling with TPM not ready") |
| if _, err := attestation.CreateEnrollRequest(ctx, hwsec.DefaultPCA); err == nil { |
| s.Fatal("Enrollment should not happen w/o getting prepared") |
| } |
| } |