]>
Commit | Line | Data |
---|---|---|
3008874c SB |
1 | #!/bin/bash |
2 | ||
3 | # For the license, see the LICENSE file in the root directory. | |
4 | #set -x | |
5 | ||
313cf75c SB |
6 | ROOT=${abs_top_builddir:-$(pwd)/..} |
7 | TESTDIR=${abs_top_testdir:-$(dirname "$0")} | |
8 | ||
3008874c SB |
9 | VTPM_NAME="vtpm-test-tpm2-hashing2" |
10 | SWTPM_DEV_NAME="/dev/${VTPM_NAME}" | |
cce7503c | 11 | export TPM_PATH="$(mktemp -d)" || exit 1 |
3008874c SB |
12 | STATE_FILE=$TPM_PATH/tpm2-00.permall |
13 | VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate | |
14 | SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse} | |
15 | SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock | |
16 | SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock | |
17 | ||
18 | function cleanup() | |
19 | { | |
20 | pid=${SWTPM_PID} | |
21 | if [ -n "$pid" ]; then | |
47c7ea77 | 22 | kill_quiet -9 $pid |
3008874c SB |
23 | fi |
24 | rm -rf $TPM_PATH | |
25 | } | |
26 | ||
27 | trap "cleanup" EXIT | |
28 | ||
313cf75c SB |
29 | [ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse |
30 | source ${TESTDIR}/common | |
3008874c SB |
31 | |
32 | rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null | |
33 | ||
34 | run_swtpm ${SWTPM_INTERFACE} --tpm2 | |
35 | ||
100317d5 | 36 | display_processes_by_name "$SWTPM" |
3008874c | 37 | |
47c7ea77 | 38 | kill_quiet -0 ${SWTPM_PID} |
3008874c SB |
39 | if [ $? -ne 0 ]; then |
40 | echo "Error: ${SWTPM_INTERFACE} TPM did not start." | |
41 | exit 1 | |
42 | fi | |
43 | ||
44 | # Init the TPM | |
45 | run_swtpm_ioctl ${SWTPM_INTERFACE} -i | |
46 | if [ $? -ne 0 ]; then | |
47 | echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM." | |
48 | exit 1 | |
49 | fi | |
50 | ||
47c7ea77 | 51 | kill_quiet -0 ${SWTPM_PID} 2>/dev/null |
3008874c SB |
52 | if [ $? -ne 0 ]; then |
53 | echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT." | |
54 | exit 1 | |
55 | fi | |
56 | ||
3008874c SB |
57 | # Startup the TPM |
58 | RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00') | |
59 | exp=' 80 01 00 00 00 0a 00 00 00 00' | |
60 | if [ "$RES" != "$exp" ]; then | |
61 | echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)" | |
62 | echo "expected: $exp" | |
63 | echo "received: $RES" | |
64 | exit 1 | |
65 | fi | |
66 | ||
67 | # Check the TPM Established bit before the hashing | |
68 | RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e) | |
69 | if [ $? -ne 0 ]; then | |
70 | echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM." | |
71 | exit 1 | |
72 | fi | |
73 | ||
74 | exp='tpmEstablished is 0' | |
75 | if [ "$RES" != "$exp" ]; then | |
76 | echo "Error (1): TPM Established flag has wrong value." | |
77 | echo "expected: $exp" | |
78 | echo "received: $RES" | |
79 | exit 1 | |
80 | fi | |
81 | ||
82 | run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234 | |
83 | if [ $? -ne 0 ]; then | |
84 | echo "Error: The hash command failed." | |
85 | exit 1 | |
86 | fi | |
87 | ||
3008874c SB |
88 | # Read PCR 17 |
89 | # length CC count hashalg sz | |
90 | RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02') | |
91 | # disregard the update counter using a regex comparison | |
92 | exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54' | |
93 | if [[ "$RES" =~ "$exp" ]]; then | |
94 | echo "Error: (1) Did not get expected result from TPM_PCRRead(17)" | |
95 | echo "expected: $exp" | |
96 | echo "received: $RES" | |
97 | exit 1 | |
98 | fi | |
99 | ||
100 | # Check the TPM Established bit after the hashing | |
101 | RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e) | |
102 | if [ $? -ne 0 ]; then | |
103 | echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM." | |
104 | exit 1 | |
105 | fi | |
106 | ||
107 | exp='tpmEstablished is 1' | |
108 | if [ "$RES" != "$exp" ]; then | |
109 | echo "Error (2): TPM Established flag has wrong value." | |
110 | echo "expected: $exp" | |
111 | echo "received: $RES" | |
112 | exit 1 | |
113 | fi | |
114 | ||
115 | # Reset the establishment bit; we switch to locality 0 and reset via locality 3 | |
116 | run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0 | |
117 | if [ $? -ne 0 ]; then | |
118 | echo "Error: Could not set locality 0" | |
119 | exit 1 | |
120 | fi | |
121 | ||
122 | for ((l = 0; l <= 2; l++)); do | |
123 | # Resetting via locality 2 must fail | |
f759520c | 124 | ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l 2>&1)" |
3008874c SB |
125 | if [ $? -eq 0 ]; then |
126 | echo "Error: Could reset the establishment bit via locality $l" | |
127 | exit 1 | |
128 | fi | |
f759520c SB |
129 | exp="TPM result from PTM_RESET_TPMESTABLISHED: 0x3d" |
130 | if [ "$ERR" != "$exp" ]; then | |
131 | echo "Error: Unexpected error message" | |
132 | echo "Received: $ERR" | |
133 | echo "Expected: $exp" | |
134 | exit 1 | |
135 | fi | |
3008874c SB |
136 | done |
137 | ||
138 | # Resetting via locality 3 must work | |
139 | run_swtpm_ioctl ${SWTPM_INTERFACE} -r 3 | |
140 | if [ $? -ne 0 ]; then | |
141 | echo "Error: Could not reset the establishment bit via locality 3" | |
142 | exit 1 | |
143 | fi | |
144 | ||
145 | # Check the TPM Established bit after the reset | |
146 | RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e) | |
147 | if [ $? -ne 0 ]; then | |
148 | echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM." | |
149 | exit 1 | |
150 | fi | |
151 | ||
152 | exp='tpmEstablished is 0' | |
153 | if [ "$RES" != "$exp" ]; then | |
154 | echo "Error (3): TPM Established flag has wrong value." | |
155 | echo "expected: $exp" | |
156 | echo "received: $RES" | |
157 | exit 1 | |
158 | fi | |
159 | ||
160 | # Read from a file | |
161 | dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \ | |
162 | run_swtpm_ioctl ${SWTPM_INTERFACE} -h - | |
163 | ||
3008874c SB |
164 | # Read PCR 17 |
165 | # length CC count hashalg sz | |
166 | RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02') | |
167 | # disregard the update counter using a regex comparison | |
168 | exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 27 7e de f1 02 56 46 5d 8e 71 65 38 3f d3 63 c9 8a be 89 e2 90 2e 4d 3a 2b 3a 30 80 2f 28 af 19' | |
169 | if [[ "$RES" =~ "$exp" ]]; then | |
170 | echo "Error: (2) Did not get expected result from TPM_PCRRead(17)" | |
171 | echo "expected: $exp" | |
172 | echo "received: $RES" | |
173 | exit 1 | |
174 | fi | |
175 | ||
176 | run_swtpm_ioctl ${SWTPM_INTERFACE} -s | |
177 | if [ $? -ne 0 ]; then | |
178 | echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM." | |
179 | exit 1 | |
180 | fi | |
181 | ||
182 | sleep 0.5 | |
183 | ||
47c7ea77 | 184 | kill_quiet -0 ${SWTPM_PID} 2>/dev/null |
3008874c SB |
185 | if [ $? -eq 0 ]; then |
186 | echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore." | |
187 | exit 1 | |
188 | fi | |
189 | ||
190 | if [ ! -e $STATE_FILE ]; then | |
191 | echo "Error: TPM state file $STATE_FILE does not exist." | |
192 | exit 1 | |
193 | fi | |
194 | ||
195 | echo "OK" | |
196 | ||
197 | exit 0 |