added resetTpm2Emulator method

added clear option for rim_setup

added clear option for rim_setup

added clear option for rim_setup

.ci/setup/setup_tpm2provisioner.sh

@@ -7,7 +7,6 @@ set -e
 pushd /  > /dev/null
 echo "Setting up TPM emulator for the TPM2 Provisioner"
  
-find / -name nvchip
 source /HIRS/.ci/setup/tpm2_common.sh
 
 #Wait for the ACA to spin up, if it hasnt already
@@ -32,4 +31,6 @@ tpm2_nvlist
 echo ""
 echo "===========HIRS ACA TPM 2.0 Provisioner Setup Complete!==========="
 
-popd > /dev/null
+popd > /dev/null
+
+tpm2_pcrlist -g sha256 

.ci/setup/tpm2_common.sh

@@ -27,6 +27,10 @@ function setTpmPcrValues {
     make -f makefiletpmc > /dev/null
     cd ../utils
     ./startup
+    
+    echo "Looking for ibms nvchip file"
+    find /ibmtss -name nvchip
+    find /ibmtpm -name nvchip
   popd  > /dev/null
 }
 
@@ -109,6 +113,21 @@ function initTpm2Emulator {
    sed -i "s/WARN/INFO/" /etc/hirs/TPM2_Provisioner/log4cplus_config.ini
 }
 
+# Clear our existing PCR values by restarting the ibm tpm simulator
+function resetTpm2Emulator {
+
+echo "clearing the TPM PCR values"
+
+pkill -f "tpm2-abrmd"
+pkill -f "tpm_server"
+/ibmtpm/src/./tpm_server &
+
+ pushd /ibmtss/utils  > /dev/null
+    ./startup
+ popd
+  tpm2-abrmd -t socket &
+}
+
 # Function to update the hirs-site.config file
 function updateHirsSiteConfigFile {
    HIRS_SITE_CONFIG="/etc/hirs/hirs-site.config"

.ci/system-tests/aca_policy_tests.sh

@@ -39,7 +39,7 @@ provisionTpm2 "pass"
 
 writeToLogs "### ACA POLICY TEST 7: Test PC with RIM Validation Policy with valid PC and RIM ###"
 setPolicyEkPcFw
-setRims "laptop" "default"
+setRims "laptop" "default" "none"
 provisionTpm2 "pass"
 
 #  Process Test Results, any single failure will send back a failed result.

.ci/system-tests/container/rim_setup.sh

@@ -6,6 +6,7 @@
 
 profile=$1
 test=$2
+options=$3
 tcgDir="/boot/tcg"
 propFile="/etc/hirs/tcg_boot.properties";
 profileDir="/HIRS/.ci/system-tests/profiles/$profile"
@@ -68,13 +69,11 @@ popd > /dev/null
 #Step 4, run the setpcr script to make the TPM emulator hold values that correspond the binary_bios_measurement file
 #     a: Clear the TPM PCR registers vi a call to the tss clear 
 #     b: Check if a test specific setpcr.sh file exists. If not use the profiles default script
-pushd /ibmtss/utils/
-echo "clearing the PCR values"
-pkill -f "tpm2-abrmd"
-initTpm2Emulator >> /dev/null
+echo "Options were $options"
 
-echo "TPM simulator cleared"
-popd
+if [[ $options == "clear" ]]; then
+   resetTpm2Emulator
+fi
 
 if [[ ! -f $pcrScript ]]; then
     pcrScript="$profileDir/default/"$profile"_default_setpcrs.sh"

.ci/system-tests/rim_system_tests.sh

@@ -16,7 +16,7 @@ clearAcaDb
 uploadTrustedCerts
 setPolicyEkPcFw
 setPlatformCerts "laptop" "varOsInstall"
-setRims "laptop" "varOsInstall"
+setRims "laptop" "varOsInstall" "clear"
 provisionTpm2 "pass"
 
 writeToLogs "### ACA RIM TEST 2: Test a RIM from an OEM with a bad reference measurement and a Supplemental RIM from a VAR ###"
@@ -24,7 +24,7 @@ clearAcaDb
 uploadTrustedCerts
 setPolicyEkPcFw
 setPlatformCerts "laptop" "badOemInstall"
-setRims "laptop" "badOemInstall"
+setRims "laptop" "badOemInstall" "clear"
 provisionTpm2 "fail"
 
 writeToLogs "### ACA RIM TEST 3: Test a RIM from an OEM and a Supplemental RIM from a VAR with a bad reference measurement ###"
@@ -32,7 +32,7 @@ clearAcaDb
 uploadTrustedCerts
 setPolicyEkPcFw
 setPlatformCerts "laptop" "badVarInstall"
-setRims "laptop" "badVarInstall"
+setRims "laptop" "badVarInstall" "clear"
 provisionTpm2 "fail"
 
 #  Process Test Results, any single failure will send back a failed result.

.ci/system-tests/sys_test_common.sh

@@ -107,7 +107,7 @@ setPlatformCerts() {
 # Places RIM files held in the test folder in the provisioners tcg folder
 # setRims <profile> <test>
 setRims() {
-docker exec $tpm2_container sh /HIRS/.ci/system-tests/container/rim_setup.sh $1 $2 
+docker exec $tpm2_container sh /HIRS/.ci/system-tests/container/rim_setup.sh $1 $2 $3
 #docker exec $tpm2_container bash -c "find / -name oem_platform_v1_Base.cer"
 }