-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add TESTPLAN.md for AMD Test Suite
Signed-off-by: Christian Walter <christian.walter@9elements.com>
- Loading branch information
1 parent
89504a1
commit 93955ab
Showing
1 changed file
with
29 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| Id | Group | Test | Implemented | Reference | Notes | ||
| ------------|------------|------------|------------|------------|------------ | ||
| 00 | General | Detect Family and Model | :x: | - | This test detects which AMD family the test suite is executed on. If it can not detect the family, all other test will fail. | ||
| 10 | PSB | `PSB Status` Register contains zero value | :x: | - | A non-zero value indicates an error. | ||
| 11 | PSB | Platform Secure Boot is enabled | :x: | - | Read `FUSE_PLATFORM_SECURE_BOOT_EN` from `PSB_STATUS`. | ||
| 12 | PSB | Platform Vendor ID is not zero | :x: | - | Should be non-zero | ||
| 13 | PSB | Platform Model ID is not zero | :x: | - | Should be non-zero | ||
| 14 | PSB | Read BIOS Key Revision is not zero | :x: | - | Should be non zero | ||
| 15 | PSB | AMD Key is disabled | :x: | - | If the AMD key is not disabled, the system will still boot AMD signed firmware | ||
| 16 | PSB | Secure Debug is disabled | :x: | - | - | ||
| 17 | PSB | Keys are fused | :x: | - | Test checks if the customer keys have been fused by reading `Customer Key Lock` from the `PSB_STATUS` register. | ||
| 18 | PSB | PSB Policy Hash | :x: | - | Check the PSB Policy Hash | ||
| 19 | PSB | Revocation Status | :x: | - | Check the Revokation Status | ||
| 20 | SME | SME Support | :x: | - | Test checks `0x8000001f` | ||
| 21 | SME | SME Enabled | :x: | - | Test checks `MSR_AMD64_SYSCFG` | ||
| 22 | SME | SME Kernel Option Set | :x: | - | Only Informative | ||
| 23 | SME | SME Kernel Commandline | :x: | - | Only Informative | ||
| 24 | SME | Verify SME Functionality | :x: | - | Check if Memory Pages are marked for encryption | ||
| 30 | SEV | SEV Support | :x: | - | Test checks `0x8000001f` | ||
| 31 | SEV | SEV Enabled | :x: | - | Test checks `MSR_AMD64_SEV` | ||
| 32 | SEV | SEV Firmware Version Validation | :x: | - | Verify the SEV Firmware Version | ||
| 33 | SEV | SEV Guest Configuration Validation | :x: | - | Verify the Guest Configuration for a VM | ||
| 40 | SEV-SNP| SEV-SNP Support | :x: | - | - | ||
| 41 | SEV-SNP| SEV-SNP Enabled | :x: | - | - | ||
| 42 | SEV-SNP| SEV-SNP Debug Registers disabled | :x: | - | CPU Debug Registers can be enabled / disabled through `SEV_FEATURES` | ||
| 43 | SEV-SNP | Side-Channel Protection enabled | :x: | - | Taken from `15.36.17 Side-Channel Protection` (https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf) | ||
| 44 | SEV-SNP | SEV-SNP Firmware Version Validation | :x: | - | Firmware Version Validation | ||
| 45 | SEV-SNP | Measurement of SNP Protected VM Boot | :x: | - | Verify the integrity measurement taken during the SNP-protected VM boot process. | ||
| 46 | SEV-SNP | SNP Attestation Reporting | :x: | - | Check that the attestation reports generated by SEV-SNP are accurate and verifiable. |