From 7a4dc8b8df48b5f979086ced5fc66d25645f3bcc Mon Sep 17 00:00:00 2001
From: James Le Cuirot
Date: Fri, 13 Sep 2024 15:25:00 +0100
Subject: [PATCH 1/2] platform/machine/unprivqemu: Add missing clean-up on destroy

It was leaving the /tmp/mantle-ssh-* directory behind.

Signed-off-by: James Le Cuirot
---
 platform/machine/unprivqemu/flight.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/platform/machine/unprivqemu/flight.go b/platform/machine/unprivqemu/flight.go
index 1743eee5b..8035a6e8f 100644
--- a/platform/machine/unprivqemu/flight.go
+++ b/platform/machine/unprivqemu/flight.go
@@ -81,6 +81,7 @@ func (qf *flight) NewCluster(rconf *platform.RuntimeConfig) (platform.Cluster, e
 }
 
 func (qf *flight) Destroy() {
+ qf.BaseFlight.Destroy()
 if qf.diskImageFile != nil {
 qf.diskImageFile.Close()
 }
From e147f0845f87a48e4bb31bb32d8e0b6d62e2dbf9 Mon Sep 17 00:00:00 2001
From: James Le Cuirot
Date: Fri, 13 Sep 2024 15:27:35 +0100
Subject: [PATCH 2/2] kola/tests: Add new cl.tpm.eventlog test for the TPM Event log

This will only work from GRUB 2.12 onwards, so restrict to 4082+. I initially wanted to add this check to the existing tpmTest function, but that wouldn't allow me to restrict the version.

Signed-off-by: James Le Cuirot
---
 kola/tests/misc/tpm.go | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/kola/tests/misc/tpm.go b/kola/tests/misc/tpm.go
index d1e5a51c6..cfebdd878 100644
--- a/kola/tests/misc/tpm.go
+++ b/kola/tests/misc/tpm.go
@@ -302,6 +302,15 @@ func init() {
 Distros: []string{"cl"},
 MinVersion: semver.Version{Major: 3913, Minor: 0, Patch: 1},
 })
+
+ register.Register(®ister.Test{
+ Run: eventLogTest,
+ ClusterSize: 0,
+ Platforms: []string{"qemu"},
+ Name: "cl.tpm.eventlog",
+ Distros: []string{"cl"},
+ MinVersion: semver.Version{Major: 4082},
+ })
 }
 
 func tpmTest(c cluster.TestCluster, userData *conf.UserData, mountpoint string, variant string) {
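Review bot: In platform/machine/unprivqemu/flight.go, the new `qf.BaseFlight.Destroy()` call has no comment saying that this override must chain to the base teardown, although leaving that call out is exactly what left /tmp/mantle-ssh-* behind. A line above it such as `// BaseFlight.Destroy cleans up the /tmp/mantle-ssh-* directory; keep this call when editing Destroy.` would make the requirement visible to whoever changes the override next. Destroy's body runs past the end of the hunk, so any teardown after the disk image close is not visible here.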
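Review bot: In kola/tests/misc/tpm.go, the `MinVersion: semver.Version{Major: 4082}` gate on the new cl.tpm.eventlog registration is not explained in the code; the GRUB 2.12 dependency is recorded only in the commit message. A comment above the field, for example `// The TPM event log only works from GRUB 2.12 onwards, hence 4082+.`, would keep the gate from being lowered or copied to another test without that context. init() begins outside the hunk.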
@@ -359,3 +368,27 @@ func tpmTest(c cluster.TestCluster, userData *conf.UserData, mountpoint string,
 checkIfMountpointIsEncrypted(c, m, "/")
 }
 }
+
+func eventLogTest(c cluster.TestCluster) {
+ options := platform.MachineOptions{EnableTPM: true}
+ var (
+ m platform.Machine
+ err error
+ )
+ switch pc := c.Cluster.(type) {
+ // These cases have to be separated because otherwise the golang compiler doesn't type-check
+ // the case bodies using the proper subtype of `pc`.
+ case *qemu.Cluster:
+ m, err = pc.NewMachineWithOptions(nil, options)
+ case *unprivqemu.Cluster:
+ m, err = pc.NewMachineWithOptions(nil, options)
+ default:
+ c.Fatal("unknown cluster type")
+ }
+ if err != nil {
+ c.Fatal(err)
+ }
+
+ // Verify that the TPM event log is working.
+ _ = c.MustSSH(m, "sudo tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements")
+}
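Review bot: The final `_ = c.MustSSH(m, ...)` call in eventLogTest discards the command output, so the test asserts only that tpm2_eventlog exited successfully, not that the log holds any measurements. The hunk does not show whether the tool fails on an empty or truncated log, so a bootloader or firmware regression that stops extending the log might still pass. Keeping the output, `out := c.MustSSH(m, "sudo tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements")` followed by `if len(out) == 0 { c.Fatal("TPM event log is empty") }`, would be a minimal guard, assuming MustSSH returns the command's stdout. Comparing the PCR values tpm2_eventlog computes from the log against `tpm2_pcrread` would be the stronger check, since a log that does not replay to the live PCRs is of no use for attestation.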