swtpm: Disable fsync on file & dir due to TPM timeouts (issue #597)

[swtpm.git] / tests / _test_tpm2_resume_volatile

#!/bin/bash

# For the license, see the LICENSE file in the root directory.
#set -x

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

VTPM_NAME=${vtpm-test-tpm2-resume-volatile:-VTPM_NAME}
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}

tpmstatedir="$(mktemp -d)"
if [ -z "$tpmstatedir" ]; then
	echo "Could not create temporary directory"
	exit 1
fi

SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock

function cleanup()
{
	pid=${SWTPM_PID}
	if [ -n "$pid" ]; then
		kill_quiet -9 $pid
	fi
	rm -rf $tpmstatedir
}

trap "cleanup" EXIT

[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
source ${TESTDIR}/common

export TPM_PATH=$tpmstatedir

# copy all the state files
cp ${TESTDIR}/data/tpm2state1/* ${TPM_PATH}

run_swtpm ${SWTPM_INTERFACE} --tpm2

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Could not initialize the CUSE TPM."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM not running anymore after INIT."
	exit 1
fi

swtpm_open_cmddev ${SWTPM_INTERFACE} 100

# Read PCR 10 (from pcrextend -ha 10 -ic test)
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Save the volatile state again
run_swtpm_ioctl ${SWTPM_INTERFACE} -v
if [ $? -ne 0 ]; then
	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
	exit 1
fi
if [ ! -r $VOLATILE_STATE_FILE ]; then
	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s

echo "Test 1: Ok"

# 2nd test: with encrypted state
# copy all the state files
cp ${TESTDIR}/data/tpm2state2/* ${TPM_PATH}

run_swtpm ${SWTPM_INTERFACE} \
	--tpm2 \
	--key pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM initialization failed."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM not running anymore after INIT."
	exit 1
fi

swtpm_open_cmddev ${SWTPM_INTERFACE} 100
if [ $? -ne 0 ]; then
	echo "Error: Could not open command interface."
	ext 1
fi

# Read PCR 10  (from pcrextend -ha 10 -ic test)
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Save the volatile state again
run_swtpm_ioctl ${SWTPM_INTERFACE} -v
if [ $? -ne 0 ]; then
	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
	exit 1
fi
if [ ! -r $VOLATILE_STATE_FILE ]; then
	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the CUSE TPM."
	exit 1
fi

echo "Test 2: Ok"

# 3rd test: with encrypted state using aes-256-cbc
# copy all the state files
cp ${TESTDIR}/data/tpm2state2b/* ${TPM_PATH}

run_swtpm ${SWTPM_INTERFACE} \
	--tpm2 \
	--key pwdfile=${TESTDIR}/data/tpm2state2b/pwdfile.txt,mode=aes-256-cbc

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM initialization failed."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: CUSE TPM not running anymore after INIT."
	exit 1
fi

swtpm_open_cmddev ${SWTPM_INTERFACE} 100
if [ $? -ne 0 ]; then
	echo "Error: Could not open command interface."
	ext 1
fi

# Read PCR 10  (from pcrextend -ha 10 -ic test)
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Save the volatile state again
run_swtpm_ioctl ${SWTPM_INTERFACE} -v
if [ $? -ne 0 ]; then
	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
	exit 1
fi
if [ ! -r $VOLATILE_STATE_FILE ]; then
	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the CUSE TPM."
	exit 1
fi

echo "Test 3: Ok"