TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / tf-a-ci-scripts.git / 192ee178035089d5445d1e0fc48324f291b8dbf5 / . / expect / linux-tpm.exp
blob: 2bb66548f598902758724cb78cd82e0919aa7066 [file] [log] [blame]
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]1#
Slava Andrianov192ee172025-06-11 15:40:43 -0500[diff] [blame^]2# Copyright (c) 2020-2025, Arm Limited. All rights reserved.
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6# Expect script for Linux/Buildroot using Measured Boot & fTPM
7#
8
9source [file join [file dirname [info script]] utils.inc]
10source [file join [file dirname [info script]] handle-arguments.inc]
11
Slava Andrianov192ee172025-06-11 15:40:43 -0500[diff] [blame^]12set TFA_EVENT_LOG [get_param tfa_log "tfa_event_log"]
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]13
14# regexp for non-zero PCR0
15set non_zero_pcr "(?!(\\s00){16})((\\s(\[0-9a-f\]){2}){16}\\s)"
Manish V Badarkhefc146c42021-11-24 15:34:00 +0000[diff] [blame]16set zero_pcr "(\\s00){16}\\s+(00\\s){16}"
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]17
Slava Andrianov192ee172025-06-11 15:40:43 -0500[diff] [blame^]18capture_log $TFA_EVENT_LOG "Booting BL31|Finished using crypto library"
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]19
20expect {
21 "login" {
22 send "root\n"
23 }
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]24}
25
26expect {
27 "#" {
28 # Load the fTPM driver and retrieves PCR0
29 send "ftpm\n"
30 }
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]31}
32
33expect {
34 # Pass condition: PCR0 must not be all zeros.
35
36 -re $non_zero_pcr {
37 exp_continue
38 }
39
Manish V Badarkhefc146c42021-11-24 15:34:00 +0000[diff] [blame]40 "#" {
41 # get PCR1 value
42 send "pcrread -ha 1\n"
43 }
Manish V Badarkhefc146c42021-11-24 15:34:00 +0000[diff] [blame]44}
45
46expect {
47 # Pass condition: PCR1 must not be all zeros.
48
49 -re $non_zero_pcr {
50 exp_continue
51 }
52
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]53 "#" { }
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]54}
55
56# Iterate over the rest of PCRs and check that they all are zeros.
Manish V Badarkhefc146c42021-11-24 15:34:00 +0000[diff] [blame]57for {set i 2} {$i < 11} {incr i} {
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]58 send "pcrread -ha $i\n"
59
60 expect {
Manish V Badarkhefc146c42021-11-24 15:34:00 +0000[diff] [blame]61 -re $zero_pcr { }
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]62
63 -re $non_zero_pcr {
64 exit_uart -1
65 }
Javier Almansa Sobrino98de5032020-09-17 12:47:05 +0100[diff] [blame]66 }
67}
68
Chris Kay07756bc2022-11-24 17:21:48 +0000[diff] [blame]69expect_string "#" "finished reading PCRs"
70
Slava Andrianov192ee172025-06-11 15:40:43 -0500[diff] [blame^]71if {[info exists ::env(verify_hashes)]} {
72 source [file join [file dirname [info script]] compare_hashes.inc]
73}