[swtpm.git] / tests / _test_tpm2_init

#!/bin/bash

# For the license, see the LICENSE file in the root directory.
#set -x

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

VTPM_NAME="vtpm-test-tpm2-init"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
export TPM_PATH=$(mktemp -d)
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock

function cleanup()
{
	pid=${SWTPM_PID}
	if [ -n "$pid" ]; then
		kill_quiet -9 $pid
	fi
	rm -rf $TPM_PATH
}

trap "cleanup" EXIT

[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
source ${TESTDIR}/common

rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null

if has_seccomp_support "${SWTPM_EXE}"; then
	SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
fi

run_swtpm ${SWTPM_INTERFACE} --tpm2

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	exit 1
fi

# Init the TPM again but make its state file inaccessible; this only
# works if the TPM runs as non-rootchmod 000 "${STATE_FILE}"
if [ "$(id -u)" != "0" ]; then
	chmod 000 "${STATE_FILE}"
	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	if [ $? -eq 0 ]; then
		echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
		exit 1
	fi

	sleep 0.5

	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
	if [ $? -ne 0 ]; then
		echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
		exit 1
	fi
	chmod 664 "${STATE_FILE}"

	# Init the TPM again; now with state file accessible again
	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	if [ $? -ne 0 ]; then
		echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
		exit 1
	fi

	sleep 0.5

	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
	if [ $? -ne 0 ]; then
		echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
		exit 1
	fi
fi

check_seccomp_profile "${SWTPM_EXE}" ${SWTPM_PID} 0
if [ $? -ne 0 ]; then
	exit 1
fi

# Shut down
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

if wait_process_gone ${SWTPM_PID} 4; then
	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	exit 1
fi

if [ ! -e $STATE_FILE ]; then
	echo "Error: TPM state file $STATE_FILE does not exist."
	exit 1
fi

echo "OK"

exit 0
Commit	Line	Data
3008874c SB	1	#!/bin/bash
	2
	3	# For the license, see the LICENSE file in the root directory.
	4	#set -x
	5
313cf75c SB	6	ROOT=${abs_top_builddir:-$(pwd)/..}
	7	TESTDIR=${abs_top_testdir:-$(dirname "$0")}
	8
3008874c SB	9	VTPM_NAME="vtpm-test-tpm2-init"
	10	SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
	11	export TPM_PATH=$(mktemp -d)
	12	STATE_FILE=$TPM_PATH/tpm2-00.permall
	13	VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
	14	SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
	15	SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
	16	SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
	17
	18	function cleanup()
	19	{
	20	pid=${SWTPM_PID}
	21	if [ -n "$pid" ]; then
47c7ea77	22	kill_quiet -9 $pid
3008874c SB	23	fi
	24	rm -rf $TPM_PATH
	25	}
	26
	27	trap "cleanup" EXIT
	28
313cf75c SB	29	[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
313cf75c SB	30	source ${TESTDIR}/common
3008874c SB	31
	32	rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
	33
9c2e4dc5	34	if has_seccomp_support "${SWTPM_EXE}"; then
930c7ba1	35	SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
a3820b86 SB	36	fi
a3820b86 SB	37
930c7ba1	38	run_swtpm ${SWTPM_INTERFACE} --tpm2
3008874c	39
100317d5	40	display_processes_by_name "$SWTPM"
3008874c	41
47c7ea77	42	kill_quiet -0 ${SWTPM_PID}
3008874c SB	43	if [ $? -ne 0 ]; then
	44	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	45	exit 1
	46	fi
	47
	48	# Init the TPM
	49	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	50	if [ $? -ne 0 ]; then
	51	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	52	exit 1
	53	fi
	54
47c7ea77	55	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
3008874c SB	56	if [ $? -ne 0 ]; then
	57	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	58	exit 1
	59	fi
	60
	61	# Init the TPM again but make its state file inaccessible; this only
	62	# works if the TPM runs as non-rootchmod 000 "${STATE_FILE}"
	63	if [ "$(id -u)" != "0" ]; then
	64	chmod 000 "${STATE_FILE}"
	65	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	66	if [ $? -eq 0 ]; then
	67	echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
	68	exit 1
	69	fi
	70
	71	sleep 0.5
	72
47c7ea77	73	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
3008874c SB	74	if [ $? -ne 0 ]; then
	75	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
	76	exit 1
	77	fi
	78	chmod 664 "${STATE_FILE}"
	79
	80	# Init the TPM again; now with state file accessible again
	81	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	82	if [ $? -ne 0 ]; then
	83	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	84	exit 1
	85	fi
	86
	87	sleep 0.5
	88
47c7ea77	89	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
3008874c SB	90	if [ $? -ne 0 ]; then
	91	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	92	exit 1
	93	fi
	94	fi
	95
9c2e4dc5	96	check_seccomp_profile "${SWTPM_EXE}" ${SWTPM_PID} 0
a3820b86 SB	97	if [ $? -ne 0 ]; then
	98	exit 1
	99	fi
	100
3008874c SB	101	# Shut down
	102	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	103	if [ $? -ne 0 ]; then
	104	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	105	exit 1
	106	fi
	107
45d2d092	108	if wait_process_gone ${SWTPM_PID} 4; then
3008874c SB	109	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	110	exit 1
	111	fi
	112
	113	if [ ! -e $STATE_FILE ]; then
	114	echo "Error: TPM state file $STATE_FILE does not exist."
	115	exit 1
	116	fi
	117
	118	echo "OK"
	119
	120	exit 0