TrenchBoot updates #555

Merged
merged 6 commits into from
Nov 15, 2024
Member

@SergiiDmytruk SergiiDmytruk commented Oct 28, 2024

Previously only non-DRTM case was tested, now DRTM one works as well. It requires SeaBIOS which is harder to automate, see README file for how to use it.

See commit messages for more info.

@pietrushnic
Contributor

@SergiiDmytruk, I have to automate Dasharo (coreboot+SeaBIOS) on a large scale for the upcoming PC Engine releases. @macpijan, I'm looking for your input on whether you see Boot SeaBIOS as a valid approach or if you have some ideas about more sophisticated infrastructure.

@SergiiDmytruk
Member Author

@pietrushnic Changed it in 40c9d5f, which is more reasonable and can be at least a temporary solution.

@SergiiDmytruk SergiiDmytruk force-pushed the tb-for-amd branch 3 times, most recently from 5ba442b to 204b560 Compare November 3, 2024 23:27
@macpijan
Contributor

macpijan commented Nov 8, 2024

@krystian-hebel let me know if you have more comments here

Contributor

@krystian-hebel krystian-hebel left a comment

I haven't been able to test it on HW (all apus were checked out, except for apu3 where RTE didn't start its REST server for rte_ctrl, I've notified Dawid and he'll look into it) but running the steps manually worked. CI passed for QEMU so I'm assuming default SEABIOS_BOOT_DEVICE also works as it should, I was afraid it may need ${EMPTY} or some other RF magic.

Let's make pre-commit happy before merging. There is one typo and apparently something else, because it reports 2 modified files. I hope it doesn't try to un-escape what needs to be escaped...

@macpijan
Contributor

> I'm assuming default SEABIOS_BOOT_DEVICE also works as it should, I was afraid it may need ${EMPTY} or some other RF magic.

This is what pre-commit suggests

Contributor

@macpijan macpijan left a comment

Feel free to merge once you confirm it works well paired with: zarhus/meta-trenchboot#45

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Mention that it's possible to pass arbitrary parameters to `robot` after
`--`.

Also use parenthesis instead of brackets for the mandatory parameter and
indicate that it doesn't have to be a single parameter.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Not the nicest solution, but a reasonable one.  Because SeaBIOS doesn't
know which drives contain which OSes, let the user specify it via
`$SEABIOS_BOOT_DEVICE` variable and handle this case in
`.Boot System Or From Connected Disk` keyword.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
They don't apply to Linux boot, but will be useful for Xen.  Need to
somehow specify what is being loaded (probably do it in a separate
test).

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
This avoids relying on tpm2_eventlog to compute expected values.  The
problem is that it might do it wrong because some digests aren't
extended into PCRs, but the tool assumes otherwise.

Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
@macpijan macpijan merged commit 8852500 into develop Nov 15, 2024
@macpijan macpijan deleted the tb-for-amd branch November 15, 2024 17:28
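
The commit message above about not relying on tpm2_eventlog concerns replaying an event log when some logged digests were never extended into a PCR. The sketch below is an added example, not code from this pull request or the project: it replays a constructed log against a simulated TPM and shows that a replay of every entry diverges from the real PCR value. The `extended` flag, the PCR indices, the all-zero starting value and the sample entries are assumptions made for illustration.

```python
import hashlib

PCR_SIZE = hashlib.sha256().digest_size  # SHA-256 bank, 32 bytes


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: new PCR = H(old PCR || measurement digest)."""
    return hashlib.sha256(pcr + digest).digest()


class SimulatedTPM:
    """Stand-in for hardware; PCRs are assumed to start at all zeros."""

    def __init__(self):
        self.pcrs = {}

    def extend(self, index: int, digest: bytes) -> None:
        self.pcrs[index] = extend(self.pcrs.get(index, bytes(PCR_SIZE)), digest)


def constructed_boot():
    """Constructed boot: every step is logged, but only some are extended."""
    steps = [  # (PCR index, measured data, extended into the TPM?)
        (17, b"constructed: launch code", True),
        (17, b"constructed: informational entry", False),
        (17, b"constructed: kernel", True),
        (18, b"constructed: initrd", True),
    ]
    tpm, log = SimulatedTPM(), []
    for index, data, extended in steps:
        digest = hashlib.sha256(data).digest()
        log.append({"pcr": index, "digest": digest, "extended": extended})
        if extended:
            tpm.extend(index, digest)
    return tpm, log


def replay(log, index: int, only_extended: bool) -> bytes:
    """Recompute one PCR from the log, optionally skipping unextended entries."""
    pcr = bytes(PCR_SIZE)
    for event in log:
        if event["pcr"] == index and (event["extended"] or not only_extended):
            pcr = extend(pcr, event["digest"])
    return pcr


if __name__ == "__main__":
    tpm, log = constructed_boot()
    for index in sorted(tpm.pcrs):
        naive = replay(log, index, only_extended=False) == tpm.pcrs[index]
        exact = replay(log, index, only_extended=True) == tpm.pcrs[index]
        print(f"PCR {index}: replay-all matches={naive}, filtered matches={exact}")
```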
4 participants