tpm: Actually add the v1.2 device

Also, add end-to-end tests for this so it can never happen again.

Fixes https://github.com/fwupd/fwupd/issues/3972

libfwupdplugin/fu-security-attrs-private.h

@@ -34,3 +34,5 @@ GPtrArray *
 fu_security_attrs_get_all(FuSecurityAttrs *self);
 void
 fu_security_attrs_append_internal(FuSecurityAttrs *self, FwupdSecurityAttr *attr);
+FwupdSecurityAttr *
+fu_security_attrs_get_by_appstream_id(FuSecurityAttrs *self, const gchar *appstream_id);

libfwupdplugin/fu-security-attrs.c

@@ -108,6 +108,29 @@ fu_security_attrs_append(FuSecurityAttrs *self, FwupdSecurityAttr *attr)
 	fu_security_attrs_append_internal(self, attr);
 }
 
+/**
+ * fu_security_attrs_get_by_appstream_id:
+ * @self: a #FuSecurityAttrs
+ * @appstream_id: an ID, e.g. %FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM
+ *
+ * Gets a specific #FwupdSecurityAttr from the array.
+ *
+ * Returns: (transfer full): a #FwupdSecurityAttr or %NULL
+ *
+ * Since: 1.7.2
+ **/
+FwupdSecurityAttr *
+fu_security_attrs_get_by_appstream_id(FuSecurityAttrs *self, const gchar *appstream_id)
+{
+	g_return_val_if_fail(FU_IS_SECURITY_ATTRS(self), NULL);
+	for (guint i = 0; i < self->attrs->len; i++) {
+		FwupdSecurityAttr *attr = g_ptr_array_index(self->attrs, i);
+		if (g_strcmp0(fwupd_security_attr_get_appstream_id(attr), appstream_id) == 0)
+			return g_object_ref(attr);
+	}
+	return NULL;
+}
+
 /**
  * fu_security_attrs_to_variant:
  * @self: a #FuSecurityAttrs

libfwupdplugin/fwupdplugin.map

@@ -948,6 +948,7 @@ LIBFWUPDPLUGIN_1.7.2 {
     fu_context_has_hwid_flag;
     fu_device_get_firmware_gtype;
     fu_device_set_firmware_gtype;
+    fu_security_attrs_get_by_appstream_id;
     fu_udev_device_get_bind_id;
     fu_udev_device_get_sysfs_attr_uint64;
     fu_udev_device_seek;

plugins/tpm/fu-plugin-tpm.c

@@ -290,12 +290,14 @@ fu_plugin_tpm_startup(FuPlugin *plugin, GError **error)
 
 	/* look for TPM v1.2 */
 	sysfstpmdir = fu_common_get_path(FU_PATH_KIND_SYSFSDIR_TPM);
-	fn_pcrs = g_build_filename(sysfstpmdir, "tmp0", "pcrs", NULL);
+	fn_pcrs = g_build_filename(sysfstpmdir, "tpm0", "pcrs", NULL);
 	if (g_file_test(fn_pcrs, G_FILE_TEST_EXISTS) && g_getenv("FWUPD_FORCE_TPM2") == NULL) {
 		data->tpm_device = fu_tpm_v1_device_new(fu_plugin_get_context(plugin));
 		g_object_set(data->tpm_device, "device-file", fn_pcrs, NULL);
+		fu_device_set_physical_id(FU_DEVICE(data->tpm_device), "tpm");
 		if (!fu_device_probe(FU_DEVICE(data->tpm_device), error))
 			return FALSE;
+		fu_plugin_device_add(plugin, FU_DEVICE(data->tpm_device));
 	}
 
 	/* success */

plugins/tpm/fu-self-test.c

@@ -9,6 +9,8 @@
 #include <fwupdplugin.h>
 
 #include "fu-context-private.h"
+#include "fu-plugin-private.h"
+#include "fu-security-attrs-private.h"
 #include "fu-tpm-eventlog-common.h"
 #include "fu-tpm-eventlog-parser.h"
 #include "fu-tpm-v1-device.h"
@@ -17,26 +19,54 @@
 static void
 fu_tpm_device_1_2_func(void)
 {
+	FuTpmDevice *device;
+	GPtrArray *devices;
 	gboolean ret;
+	g_autofree gchar *pluginfn = NULL;
+	g_autofree gchar *testdatadir = NULL;
 	g_autoptr(FuContext) ctx = fu_context_new();
-	g_autoptr(FuTpmDevice) device = fu_tpm_v1_device_new(ctx);
+	g_autoptr(FuPlugin) plugin = fu_plugin_new(ctx);
+	g_autoptr(FuSecurityAttrs) attrs = fu_security_attrs_new();
+	g_autoptr(FwupdSecurityAttr) attr = NULL;
 	g_autoptr(GError) error = NULL;
 	g_autoptr(GPtrArray) pcr0s = NULL;
 	g_autoptr(GPtrArray) pcrXs = NULL;
-	g_autofree gchar *testdatadir = NULL;
 
-	testdatadir = g_test_build_filename(G_TEST_DIST, "tests", "tpm0", "pcrs", NULL);
+	/* do not save silo */
-	g_object_set(device, "device-file", testdatadir, NULL);
+	ret = fu_context_load_quirks(ctx, FU_QUIRKS_LOAD_FLAG_NO_CACHE, &error);
-
-	ret = fu_device_setup(FU_DEVICE(device), &error);
 	g_assert_no_error(error);
 	g_assert_true(ret);
+
+	/* load the plugin */
+	pluginfn = g_test_build_filename(G_TEST_BUILT, "libfu_plugin_tpm." G_MODULE_SUFFIX, NULL);
+	ret = fu_plugin_open(plugin, pluginfn, &error);
+	g_assert_no_error(error);
+	g_assert_true(ret);
+	ret = fu_plugin_runner_startup(plugin, &error);
+	g_assert_no_error(error);
+	g_assert_true(ret);
+
+	/* get the v1.2 device */
+	devices = fu_plugin_get_devices(plugin);
+	g_assert_cmpint(devices->len, ==, 1);
+	device = g_ptr_array_index(devices, 0);
+	g_assert_true(FU_IS_TPM_DEVICE(device));
+
+	/* verify checksums set correctly */
 	pcr0s = fu_tpm_device_get_checksums(device, 0);
 	g_assert_nonnull(pcr0s);
 	g_assert_cmpint(pcr0s->len, ==, 1);
 	pcrXs = fu_tpm_device_get_checksums(device, 999);
 	g_assert_nonnull(pcrXs);
 	g_assert_cmpint(pcrXs->len, ==, 0);
+
+	/* verify HSI attr */
+	fu_plugin_runner_add_security_attrs(plugin, attrs);
+	attr = fu_security_attrs_get_by_appstream_id(attrs, FWUPD_SECURITY_ATTR_ID_TPM_VERSION_20);
+	g_assert_nonnull(attr);
+	g_assert_cmpint(fwupd_security_attr_get_result(attr),
+			==,
+			FWUPD_SECURITY_ATTR_RESULT_NOT_ENABLED);
 }
 
 static void
@@ -159,6 +189,7 @@ main(int argc, char **argv)
 	testdatadir = g_test_build_filename(G_TEST_DIST, "tests", NULL);
 	g_setenv("FWUPD_SYSFSFWDIR", testdatadir, TRUE);
 	g_setenv("FWUPD_SYSFSDRIVERDIR", testdatadir, TRUE);
+	g_setenv("FWUPD_SYSFSTPMDIR", testdatadir, TRUE);
 	g_setenv("FWUPD_UEFI_TEST", "1", TRUE);
 
 	/* only critical and error are fatal */

plugins/tpm/meson.build

@@ -10,7 +10,7 @@ install_data([
   install_dir: join_paths(datadir, 'fwupd', 'quirks.d')
 )
 
-shared_module('fu_plugin_tpm',
+plugin_tpm = shared_module('fu_plugin_tpm',
   fu_hash,
   sources : [
     'fu-plugin-tpm.c',
@@ -46,6 +46,7 @@ if get_option('tests')
   e = executable(
     'tpm-self-test',
     fu_hash,
+    plugin_tpm,
     sources : [
       'fu-self-test.c',
       'fu-tpm-device.c',