Convert TPM state check to a Verifier
Reported by
jrbarnette@chromium.org,
Mar 8 2016
|
||||||
Issue descriptionThe failure in bug 576450 suggests that the TPM verification check would benefit from better diagnosis after the check fails. That entails these changes: * Move the TPM check out of CrosHost.verify_software(), and make a Verifier for it in cros_repair.py. * In the new verifier, add some diagnosis code, and make sure that the diagnosis message is included in whatever exception is raised. These changes will guarantee that the diagnosis message appears in status.log, per bug 586317. The diagnosis could include specifically testing status of the tcsd job. It sounds like checking the job should be done only after the basic failure of "incorrect output from `cryptohome`"
,
Mar 8 2016
,
Mar 14 2016
@ Xixuan - can you work on this?
,
Mar 14 2016
Fine, I will take a look at it.
,
Mar 17 2016
,
Mar 17 2016
When we do this, we have the opportunity to add diagnostic messages to explain what, specifically, is wrong with given TPM status information. dkrahn@ - can you offer some suggestions regarding specific diagnosis that might be helpful?
,
Mar 17 2016
We only check for a few error cases with the current logic and those would be a good place to start for messages: - TPM is not enabled -- hardware is not working - Cannot connect to the TPM -- maybe tcsd is not running - Cannot load the TPM SRK or SRK public key -- we still don't know how devices get into this state but clearing TPM ownership seems to fix it
,
Mar 19 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/autotest/+/808019304ef54159b0b14aca59cef8000ba2fb3b commit 808019304ef54159b0b14aca59cef8000ba2fb3b Author: xixuan <xixuan@google.com> Date: Thu Mar 17 22:54:02 2016 Autotest: Convert TPM status check to a verifier This converts the TPM status check in CrosHost.verify_tpm_status() to use the new verification framework, and adds diagnosis: - TPM is not enabled -- hardware is not working - Cannot connect to the TPM -- maybe tcsd is not running - Cannot load the TPM SRK or SRK public key -- we still don't know how devices get into this state but clearing TPM ownership seems to fix it BUG= chromium:593072 TEST=Ran verification for a DUT in lab using a local autotest with different settings of tpm json values, and command `stop tcsd`. Change-Id: I880c9f02835a39ec0f7b226efc450a761ccc2237 Reviewed-on: https://chromium-review.googlesource.com/333386 Commit-Ready: Xixuan Wu <xixuan@chromium.org> Tested-by: Xixuan Wu <xixuan@chromium.org> Reviewed-by: Richard Barnette <jrbarnette@chromium.org> [modify] https://crrev.com/808019304ef54159b0b14aca59cef8000ba2fb3b/server/hosts/cros_host.py [modify] https://crrev.com/808019304ef54159b0b14aca59cef8000ba2fb3b/server/hosts/cros_repair.py
,
Mar 29 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/autotest/+/a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4 commit a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4 Author: xixuan <xixuan@google.com> Date: Tue Mar 29 00:28:02 2016 Fix the typo in TPM to make log clearer: Cannot load the TPM SRC public key --> Cannot load the TPM SRK public key BUG= chromium:593072 TEST=None Change-Id: I9ebfe4e9e31121c45d6692efd6a367286a1f2796 Reviewed-on: https://chromium-review.googlesource.com/335642 Commit-Ready: Xixuan Wu <xixuan@chromium.org> Tested-by: Xixuan Wu <xixuan@chromium.org> Reviewed-by: Dan Shi <dshi@chromium.org> [modify] https://crrev.com/a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4/server/hosts/cros_repair.py
,
Mar 30 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/autotest/+/a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4 commit a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4 Author: xixuan <xixuan@google.com> Date: Tue Mar 29 00:28:02 2016 Fix the typo in TPM to make log clearer: Cannot load the TPM SRC public key --> Cannot load the TPM SRK public key BUG= chromium:593072 TEST=None Change-Id: I9ebfe4e9e31121c45d6692efd6a367286a1f2796 Reviewed-on: https://chromium-review.googlesource.com/335642 Commit-Ready: Xixuan Wu <xixuan@chromium.org> Tested-by: Xixuan Wu <xixuan@chromium.org> Reviewed-by: Dan Shi <dshi@chromium.org> [modify] https://crrev.com/a2cc5085b9d7a42607ee4966d6e71e6e8937e2e4/server/hosts/cros_repair.py
,
Apr 12 2016
,
Apr 27 2016
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by jrbarnette@chromium.org
, Mar 8 2016