mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-19 04:58:00 +00:00
Added intial RIM Test
script cleanup
This commit is contained in:
lareine
parent
5cf994153e
commit
b0f85c0a3e
@ -6,8 +6,14 @@
|
||||
|
||||
profile=$1
|
||||
test=$2
|
||||
tcgDir="/boot/tcg"
|
||||
compscript="$profile"_"$test"_allcomponents.sh
|
||||
hwlist="$profile"_"$test"_hw.json
|
||||
testDir="/HIRS/.ci/system-tests/profiles/$profile/$test"
|
||||
pcDir=$testDir/platformcerts
|
||||
profileDir="/HIRS/.ci/system-tests/profiles/$profile"
|
||||
|
||||
|
||||
# Current TCG folder for platform certs, likely to change with release of the next FIM specification
|
||||
tcgDir=/boot/tcg/cert/platform/
|
||||
mkdir -p $tcgDir; # Create the platform cert folder if its not there
|
||||
@ -34,7 +40,11 @@ fi
|
||||
cp -f $allCompJson /opt/paccor/scripts/$hwlist ;
|
||||
|
||||
# Step 3: Copy the platform cert to tcg folder on boot drive
|
||||
pushd /HIRS/.ci/system-tests/profiles/$profile/$test/platformcerts/ > /dev/null
|
||||
# a: See if test specific swidtag folder exists, if not use the defualt folder
|
||||
if [[ ! -d $pcDir ]]; then
|
||||
pcDir=$profileDir/default/platformcerts;
|
||||
fi
|
||||
pushd $pcDir > /dev/null
|
||||
# Skip copy of platform cert if .gitigore exists (empty profile)
|
||||
if [[ ! -f ".gitignore" ]]; then
|
||||
for cert in * ; do
|
||||
|
||||
@ -7,34 +7,50 @@
|
||||
profile=$1
|
||||
test=$2
|
||||
tcgDir="/boot/tcg"
|
||||
testDir="/HIRS/.ci/system-tests/profiles/$profile/$test"
|
||||
propFile="/etc/hirs/tcg_boot.properties";
|
||||
profileDir="/HIRS/.ci/system-tests/profiles/$profile"
|
||||
defaultDir="$profile/default"
|
||||
testDir="/HIRS/.ci/system-tests/profiles/$profile/$test"
|
||||
eventLog="$testDir"/"$profile"_"$test"_binary_bios_measurements
|
||||
swidDir="$testDir/swidtags"
|
||||
rimDir="$testDir/rims"
|
||||
pcrScript="$testDir/"$profile"_"$test"_setpcrs.sh"
|
||||
|
||||
echo "Test is using RIM files from $profile : $test"
|
||||
|
||||
# Make sure TCG defined RIM folders exist and are cleared out
|
||||
mkdir -p $tcgDir/manifest/rim/; # Create the platform cert folder if its not there
|
||||
rm -f $tcgDir/manifest/rim/*; # clear out any previous data
|
||||
rm -f $tcgDir/manifest/rim/*; # clear out any previous data
|
||||
|
||||
mkdir -p $tcgDir/manifest/swidtag/; # Create the platform cert folder if its not there
|
||||
rm -f $tcgDir/manifest/swidtag/*; # clear out any previous data
|
||||
|
||||
echo "Test is using RIM files from $profile : $test"
|
||||
# Step 1: Update the tcg_boot.properties to use test specific binary_bios_measurement file
|
||||
# a: if file does not exist in the test folder then use the default measurement file
|
||||
# b: change the property file to point to the the test file
|
||||
|
||||
# update tcg_boot.properties to use test specific binary_bios_measurement file
|
||||
if [[ ! -f "$eventLog" ]]; then
|
||||
eventLog="$defaultDir"/"$profile"_default_binary_bios_measurements
|
||||
fi
|
||||
sed -i "s:tcg.event.file=.*:tcg.event.file=$eventLog:g" "$propFile"
|
||||
|
||||
#echo "Contents of $propFile after sed is $(cat $propFile)";
|
||||
|
||||
# Step 2: Copy Base RIM files to the TCG folder
|
||||
pushd $testDir/swidtags/ > /dev/null
|
||||
|
||||
# a: See if test specific swidtag folder exists, if not use the defualt folder
|
||||
if [[ ! -d $swidDir ]]; then
|
||||
swidDir=$defaultDir/swidtags;
|
||||
fi
|
||||
pushd $swidDir > /dev/null
|
||||
if [[ ! -f ".gitignore" ]]; then
|
||||
for swidtag in * ; do
|
||||
cp -f $swidtag $tcgDir/manifest/swidtag/$swidtag;
|
||||
done
|
||||
fi
|
||||
popd > /dev/null
|
||||
# Step 3: Copy Support RIM files to the TCG folder
|
||||
pushd $testDir/rims/ > /dev/null
|
||||
# Step 3: Copy Support RIM files to the TCG folder in the same mannor
|
||||
if [[ ! -d $rimDir ]]; then
|
||||
rimDir=$defaultDir/rims;
|
||||
fi
|
||||
pushd $rimDir > /dev/null
|
||||
|
||||
if [[ ! -f ".gitignore" ]]; then
|
||||
for rim in * ; do
|
||||
@ -43,11 +59,15 @@ pushd $testDir/rims/ > /dev/null
|
||||
fi
|
||||
popd > /dev/null
|
||||
|
||||
# echo "Contents of tcg swidtag folder $tcgDir/manifest/swidtag/ : $(ls $tcgDir/manifest/swidtag/)"
|
||||
# echo "Contents of tcg rim folder tcgDir/manifest/rim/: $(ls $tcgDir/manifest/rim/)"
|
||||
echo "Contents of tcg swidtag folder $tcgDir/manifest/swidtag/ : $(ls $tcgDir/manifest/swidtag/)"
|
||||
echo "Contents of tcg rim folder tcgDir/manifest/rim/: $(ls $tcgDir/manifest/rim/)"
|
||||
|
||||
#Step 4, run the setpcr script to make the TPM emulator hold values that correspond the binary_bios_measurement file
|
||||
sh $testDir/"$profile"_"$test"_setpcrs.sh
|
||||
#tpm2_pcrlist -g sha256
|
||||
# a: Check if a test specific setpcr.sh file exists. If not use the profiles default script
|
||||
if [[ ! -f $pcrScript ]]; then
|
||||
pcrScript="$testDir/"$profile"_default_setpcrs.sh"
|
||||
fi
|
||||
sh $pcrScript;
|
||||
tpm2_pcrlist -g sha256
|
||||
|
||||
# Done with rim_setup
|
||||
# Done with rim_setup
|
||||
Loading…
Reference in New Issue
Block a user