allow other TCTI's for running integration tests by opt-in request

Question

allow other TCTI's for running integration tests by opt-in request

Closed this issue a year ago · 3 comments

Hi, I'm testing this with software based TPM and integration tests say:

configure: error: No suitable TCTI for testing enabled. Please use option --enable-tcti-swtpm (recommended) or --enable-tcti-mssim (fallback) to enable a suitable TCTI or disable testing with --disable-integration.

I don't have the issue of hardware wearing off because it is not hardware.

Answer 1 · 2023-08-09T08:56:25.000Z

I.e. by enforcement allow to use /dev/tpm0

Answer 2 · 2023-08-10T06:41:47.000Z

We have that, e.g. ./configure --with-device=/dev/tpm0 --with-devicetests=mandatory.

For using arbitrary tctis for integration testing: we are not there, yet. But with #2640 we might get closer.

Answer 3 · 2023-08-11T02:02:41.000Z

I ended up with:

./configure \
    --enable-integration --enable-self-generated-certificate \
    --disable-doxygen-doc \
    --with-device="/dev/tpm0" \
    --with-devicetests=mandatory,optional,destructive \
    --disable-dependency-tracking \
    --disable-tcti-mssim \
    --disable-tcti-swtpm \
    --disable-tcti-pcap \
    --disable-tcti-libtpms \
    --disable-tcti-cmd \
    --disable-valgrind-memcheck \
    --disable-valgrind-helgrind \
    --disable-valgrind-drd \
    --disable-valgrind-sgcheck \
    --disable-doxygen-doc \
    --disable-doxygen-man \
    --disable-doxygen-rtf \
    --disable-doxygen-html

In my case I only needed the device TCTI. I've patched tpm_vtpm_proxy to bootstrap on device (not ready for upstream submission at this point). I get a full pass in any case :-)