3 files changed, 51 insertions, 52 deletions

diff --git a/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py b/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py
index 9fc9a82a..8be2b791 100644
--- a/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py
+++ b/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py
@@ -13,17 +13,9 @@ class hardware_TPMFirmware(test.test):
     version = 1
     preserve_srcdir = True
 
-    # Cross-compiles TLCL test suite and other needed code.
-    # TODO(semenzato): tpm_takeownership is currently available by making
-    # tpm-tools an RDEPEND in the autotest ebuild.  See that file for a
-    # better way.
     def setup(self):
-        sysroot = os.environ['SYSROOT']
-        bin_path = os.path.join(sysroot, 'usr/sbin/tpm_takeownership')
-        shutil.copy(bin_path, self.bindir)
         utils.make('-C %s' % self.srcdir)
 
-
     # Runs a command, logs the output, and returns the exit status.
     def tpm_run(self, cmd, ignore_status=False):
         output = utils.run(cmd, ignore_status=ignore_status)
@@ -31,31 +23,15 @@ class hardware_TPMFirmware(test.test):
         self.job.set_state("client_status", output.exit_status)
 
 
-    # Sets up the system (if it isn't already) to run the tpm binaries.  This
-    # is mostly needed after a reboot.  We don't rely on the system booting in
-    # any particular state.
-    def tpm_setup(self, with_tcsd=False):
-        utils.run('mknod /dev/tpm c 10 224', ignore_status=True)
-        utils.run('mknod /dev/tpm0 c 10 224', ignore_status=True)
-        utils.run('modprobe tpm_tis force=1 interrupts=0', ignore_status=True)
-
-        if (with_tcsd):
-            utils.run('/usr/sbin/tcsd')
-        else:
-            # It will be a problem if upstart automatically restarts tcsd.
-            utils.run('pkill tcsd', ignore_status=True)
-
-
     def run_once(self, subtest='None'):
         logging.info("Running TPM firmware client subtest %s", subtest)
-        if (subtest == 'setup'):
-            self.tpm_setup()
-            self.tpm_write_status(0)
-        elif (subtest == 'takeownership'):
-            self.tpm_setup(with_tcsd=True)
-            own_cmd = os.path.join(self.bindir, "tpm_takeownership -y -z")
-            self.tpm_run(own_cmd)
-	else:
-            self.tpm_setup()
+        if (subtest == 'takeownership'):
+            output = utils.run("start tcsd", ignore_status=False)
+            # When TCSD is running, the system might try to take ownership as
+            # well.  We don't care.
+            logging.info(output)
+            own_cmd = "tpm_takeownership -y -z"
+            self.tpm_run(own_cmd, ignore_status=True)
+        else:
             cmd = os.path.join(self.srcdir, subtest)
             self.tpm_run(cmd, ignore_status=True)
diff --git a/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py b/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py
index ad8b28ab..0c6203c3 100644
--- a/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py
+++ b/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py
@@ -16,14 +16,27 @@ class hardware_TPMFirmwareServer(test.test):
     See also client/site_tests/hardware_TPMFirmware.  The server side of the
     test is used to coordinate the multiple reboots needed to bring the TPM to
     a new state (for instance between owned and unowned).
+
+    IMPORTANT.  This can only run on a machine modified as follows.
+
+    1. The TCSD daemon must not be started.  Otherwise the machine might try to
+    take ownership and who knows what else.  A good way of preventing this is
+    to comment out 'start tcsd' in /etc/init/tpm-probe.conf.
+
+    2. The firmware on the machine must not send any commands to the TPM,
+    including TPM_Startup.
     """
     version = 1
     n_client_reboots = 0
     client_at = None
+    test_suffix = ""
 
     # Run the client subtest named [subtest].
-    def tpm_run(self, subtest, ignore_status=False):
-        self.client_at.run_test(self.client_test, subtest=subtest)
+    def tpm_run(self, subtest, ignore_status=False, reboot=True):
+        if (reboot):
+            self.reboot_client()
+        ttag = subtest + self.test_suffix
+        self.client_at.run_test(self.client_test, subtest=subtest, tag=ttag)
         cstatus = self.job.get_state("client_status")
         logging.info("server: client status = %s", cstatus)
         self.job.set_state("client_status", None)
@@ -41,6 +54,23 @@ class hardware_TPMFirmwareServer(test.test):
         self.n_client_reboots += 1
 
 
+    def run_unowned_only(self):
+        # The fastenable test is implicit in testsetup, but run it anyhow.
+        self.tpm_run("tpmtest_fastenable")
+        # The writelimit test may redundantly clear the TPM.
+        self.tpm_run("tpmtest_writelimit")
+        self.tpm_run("tpmtest_redefine_unowned")
+
+
+    def run_owned_and_unowned(self, suffix):
+        self.test_suffix = suffix
+        self.tpm_run("tpmtest_earlyextend")
+        self.tpm_run("tpmtest_earlynvram")
+        self.tpm_run("tpmtest_earlynvram2")
+        self.tpm_run("tpmtest_globallock")
+        self.tpm_run("tpmtest_spaceperm")
+        self.tpm_run("tpmtest_timing")
+
     def run_once(self, host=None):
         self.client = host
         self.client_at = autotest.Autotest(self.client)
@@ -49,23 +79,13 @@ class hardware_TPMFirmwareServer(test.test):
         self.job.set_state("client_status", None)
 
         # Set up the client in the unowned state.
-        self.reboot_client()
-        self.tpm_run("tpmtest_clear", ignore_status=True)
+        # TODO(semenzato): this should be in a separate "setup" function.
+        self.tpm_run("tpmtest_testsetup")
 
-        self.reboot_client()
-        self.tpm_run("tpmtest_enable", ignore_status=True)
+        # Run these unowned only.
+        self.run_unowned_only()
 
-        self.reboot_client()
-        self.tpm_run("tpmtest_readonly")
-
-        self.reboot_client()
-        self.tpm_run("tpmtest_globallock")
-
-        self.reboot_client()
+        # Run these both owned and unowned.
+        self.run_owned_and_unowned("-u")
         self.tpm_run("takeownership")
-
-        self.reboot_client()
-        self.tpm_run("tpmtest_readonly")
-
-        self.reboot_client()
-        self.tpm_run("tpmtest_globallock")
+        self.run_owned_and_unowned("-o")
diff --git a/tests/tpm_lite/testsetup.c b/tests/tpm_lite/testsetup.c
index 14175d0c..fac1951e 100644
--- a/tests/tpm_lite/testsetup.c
+++ b/tests/tpm_lite/testsetup.c
@@ -24,6 +24,9 @@ int main(int argc, char** argv) {
   TPM_CHECK(TlclStartupIfNeeded());
   TPM_CHECK(TlclSelfTestFull());
   TPM_CHECK(TlclAssertPhysicalPresence());
+  TPM_CHECK(TlclForceClear());
+  TPM_CHECK(TlclSetEnable());
+  TPM_CHECK(TlclSetDeactivated(0));
 
   result = TlclRead(INDEX0, (uint8_t*) &x, sizeof(x));
   if (result == TPM_E_BADINDEX) {
@@ -34,7 +37,7 @@ int main(int argc, char** argv) {
   result = TlclRead(INDEX1, (uint8_t*) &x, sizeof(x));
   if (result == TPM_E_BADINDEX) {
     perm = TPM_NV_PER_PPWRITE;
-    TlclDefineSpace(INDEX1, perm, sizeof(uint32_t));
+    TPM_CHECK(TlclDefineSpace(INDEX1, perm, sizeof(uint32_t)));
   }
 
   printf("TEST SUCCEEDED\n");