| # Copyright (c) 2021 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| AUTHOR = "ChromeOS Team" |
| NAME = "firmware_CheckEOPState" |
| PURPOSE = "Ensure that firmware told ME that the boot process is complete." |
| ATTRIBUTES = "suite:faft_bios_ro_qual, suite:faft_bios_rw_qual" |
| CRITERIA = "Fail if ME on Tiger Lake or later is not in post-boot state" |
| TIME = "SHORT" |
| TEST_CATEGORY = "Security" |
| TEST_CLASS = "firmware" |
| TEST_TYPE = "client" |
| |
| DOC = """ |
| Intel x86 CPUs come with a Management Engine (going by more complicated |
| names sometimes, look for ME, CSE or CSME) that coordinates various |
| tasks during boot and after. |
| |
| That coprocessor needs to know when the boot process is complete so |
| it can reject privileged boot-only requests until next reboot. |
| |
| This test PASSES if the ME reports that it's in Post-Boot State. |
| |
| This test FAILS if any of the following is true: |
| - The ME reports it's not in Post-Boot State. This is the main condition. |
| - The ME's firmware supports a sufficiently new protocol but returns |
| failure to execute the query, failure to understand the query, responded |
| to a different query or returns an unexpectedly formatted response. |
| |
| This test reports NA if any of the following is true: |
| - The test is executed on non-Intel CPUs (e.g. AMD or ARM) |
| - The kernel doesn't provide a /dev/mei0 device |
| - The ME reports an old protocol version where we can't query the |
| state. (At least Sky Lake-E and older) |
| """ |
| |
| job.run_test('firmware_CheckEOPState') |
| |