Verifying the "boot_aggregate" requires reading the TPM PCRs for each of
the TPM banks. In test environments without a physical TPM, a software
TPM may be used, but requires initializing the TPM PCRs. By walking and
replaying the TPM event log, a software TPM may be properly initialized.
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
---
.travis.yml | 4 +++-
tests/install-tss.sh | 8 ++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
create mode 100755 tests/install-tss.sh
diff --git a/.travis.yml b/.travis.yml
index fa2a37625d52..0a3476572f74 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -13,8 +13,10 @@ addons:
- docbook-xml
install:
- ./tests/install-swtpm.sh
+ - ./tests/install-tss.sh
script:
- - autoreconf -i && ./configure && make -j$(nproc) && sudo make install && VERBOSE=1 make check TESTS="ima_hash.test sign_verify.test";
+ - autoreconf -i && ./configure && make -j$(nproc) && sudo make install && VERBOSE=1 make check;
- tail -3 tests/ima_hash.log;
- tail -3 tests/sign_verify.log;
+ - tail -3 tests/boot_aggregate.log;
diff --git a/tests/install-tss.sh b/tests/install-tss.sh
new file mode 100755
index 000000000000..c9c179eee6a8
--- /dev/null
+++ b/tests/install-tss.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -ex
+git clone https://git.code.sf.net/p/ibmtpm20tss/tss
+cd tss
+autoreconf -i && ./configure --disable-tpm-1.2 --disable-hwtpm && make -j$(nproc) && sudo make install
+cd ..
+rm -rf tss
--
2.18.4
