# Name of the swtpm binary. The tool paths below can be overridden from the
# environment; when unset or empty they point below ${ROOT}.
SWTPM=swtpm
: "${SWTPM_EXE:=${ROOT}/src/swtpm/${SWTPM}}"
: "${SWTPM_IOCTL:=${ROOT}/src/swtpm_ioctl/swtpm_ioctl}"
: "${SWTPM_BIOS:=${ROOT}/src/swtpm_bios/swtpm_bios}"
: "${SWTPM_SETUP:=${ROOT}/src/swtpm_setup/swtpm_setup}"
# Path of the echo executable found in PATH (as opposed to the shell builtin)
ECHO=$(type -P echo)

# Note: Do not use file descriptors above 127 due to OpenBSD.

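# Kill a process quietly
#
# The kill is run by a child bash with stdout and stderr discarded. The
# signal and the pid are handed to that child as positional parameters
# instead of being pasted into the command string, so an unexpected value
# is never parsed as additional shell syntax.
#
# @1: signal, e.g. -9
# @2: pid
#
# Returns the exit status of the child shell, i.e. of kill
function kill_quiet()
{
	local sig="$1"
	local pid="$2"

	# $1 and $2 stay unquoted inside the child so that word splitting
	# behaves as it did when the values were interpolated directly.
	bash -c 'kill $1 $2 &>/dev/null' kill_quiet "${sig}" "${pid}"
	return $?
}
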
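# Wait for a regular file to appear and for it to have > 0 bytes
#
# The file is polled every 0.1 seconds. The size check uses the shell's
# own '-s' test on the quoted name, so a path containing whitespace, or a
# file that disappears between the two checks, cannot break the test
# expression.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 as soon as the file exists and is non-empty, 0 on timeout.
# Callers rely on this convention: 'if wait_for_file ...; then' is the
# failure path.
function wait_for_file()
{
	local filename="$1"
	local timeout="$2"

	local loops=$((timeout * 10)) loop

	for ((loop=0; loop<loops; loop++)); do
		[ -f "${filename}" ] && [ -s "${filename}" ] && {
			return 1
		}
		sleep 0.1
	done
	return 0
}
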
# Wait for a regular file to disappear
#
# Polls every 0.1 seconds.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 once the file is no longer there, 0 if it still exists when
# the timeout expires.
function wait_file_gone()
{
	local filename="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if [ ! -f "${filename}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a process with given PID to be gone
#
# Probes the process with signal 0 through kill_quiet every 0.1 seconds.
#
# @1: pid
# @2: timeout in seconds
#
# Returns 1 once the probe fails (process gone, or not signalable by this
# user), 0 if the process is still there when the timeout expires.
function wait_process_gone()
{
	local pid="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if ! kill_quiet -0 ${pid}; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a chardev to appear
#
# Polls every 0.1 seconds.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 once the character device exists, 0 on timeout.
function wait_for_chardev()
{
	local filename="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if [ -c "${filename}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a chardev to disappear
#
# Polls every 0.1 seconds.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 once the character device is gone, 0 if it is still present
# when the timeout expires.
function wait_chardev_gone()
{
	local filename="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if [ ! -c "${filename}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a socket file to appear
#
# Polls every 0.1 seconds.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 once the path exists and is a socket, 0 on timeout.
function wait_for_socketfile()
{
	local filename="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if [ -S "${filename}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a socket file to disappear
#
# Polls every 0.1 seconds.
#
# @1: filename
# @2: timeout in seconds
#
# Returns 1 once the path is no longer a socket, 0 if it still is one
# when the timeout expires.
function wait_socketfile_gone()
{
	local filename="$1"
	local timeout="$2"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if [ ! -S "${filename}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a server socket to appear
#
# Every 0.1 seconds a subshell tries to open a TCP connection to
# host:port through bash's /dev/tcp on fd 127; the connection is dropped
# again when the subshell ends.
#
# @1: port
# @2: host
# @3: timeout in seconds
#
# Returns 1 once a connection could be opened, 0 on timeout.
function wait_for_serversocket()
{
	local port="$1"
	local host="$2"
	local timeout="$3"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if (exec 127<>/dev/tcp/${host}/${port}) &>/dev/null; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a server socket to disappear
#
# Every 0.1 seconds a subshell tries to open a TCP connection to
# host:port through bash's /dev/tcp on fd 127.
#
# @1: port
# @2: host
# @3: timeout in seconds
#
# Returns 1 once the connection attempt fails, 0 if the port still
# accepts connections when the timeout expires.
function wait_serversocket_gone()
{
	local port="$1"
	local host="$2"
	local timeout="$3"
	local remaining=$((timeout * 10))

	while ((remaining > 0)); do
		if ! (exec 127<>/dev/tcp/${host}/${port}) &>/dev/null; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a TCP port to open for listening
#
# Polls the netstat listing every 0.1 seconds for a LISTEN entry that
# belongs to the given pid and ends in the given port. netstat errors are
# discarded, so a missing netstat looks the same as "not listening".
#
# @1: port
# @2: id of process to open port
# @3: timeout in seconds
#
# Returns 1 once a matching listener shows up, 0 on timeout.
function wait_port_open()
{
	local port=$1
	local pid=$2
	local timeout=$3
	local remaining=$((timeout * 10))
	local listeners

	while ((remaining > 0)); do
		listeners=$(netstat -naptl 2>/dev/null |
			grep "LISTEN" |
			grep " $pid/" |
			grep ":$port ") || true
		if [ -n "${listeners}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

# Wait for a TCP listening port to close
#
# Polls the netstat listing every 0.1 seconds until no LISTEN entry for
# the given pid and port is left. netstat errors are discarded, so a
# missing netstat is reported as "closed".
#
# @1: port
# @2: id of process to close port
# @3: timeout in seconds
#
# Returns 1 once no matching listener is found, 0 on timeout.
function wait_port_closed()
{
	local port=$1
	local pid=$2
	local timeout=$3
	local remaining=$((timeout * 10))
	local listeners

	while ((remaining > 0)); do
		listeners=$(netstat -naptl 2>/dev/null |
			grep "LISTEN" |
			grep " $pid/" |
			grep ":$port ") || true
		if [ -z "${listeners}" ]; then
			return 1
		fi
		sleep 0.1
		remaining=$((remaining - 1))
	done
	return 0
}

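# Run the swtpm_ioctl command
#
# The control channel is selected from the interface type:
#   cuse                       -> device ${SWTPM_DEV_NAME}
#   socket+socket, unix+socket -> TCP ${SWTPM_SERVER_NAME}:${SWTPM_CTRL_PORT}
#   socket+unix, unix+unix     -> UnixIO socket ${SWTPM_CTRL_UNIX_PATH}
#
# The TCP case validates SWTPM_CTRL_PORT, which is the variable the
# command line actually uses; checking SWTPM_SERVER_PORT instead let an
# unset control port through as an empty 'host:' argument.
#
# An interface type not listed above matches no case and the function
# returns without running anything.
#
# @param1: type of interface
# @param2...: parameters to pass to swtpm_ioctl (expanded unquoted, so
#             they are subject to word splitting)
#
# Returns the exit status of swtpm_ioctl; exits the shell with 1 when a
# required variable is not set.
function run_swtpm_ioctl()
{
	local iface=$1; shift

	case "${iface}" in
	cuse)
		[ -z "${SWTPM_DEV_NAME}" ] && {
			echo "SWTPM_DEV_NAME not defined"
			exit 1
		}
		${SWTPM_IOCTL} $@ ${SWTPM_DEV_NAME}
		return $?
		;;
	socket+socket|unix+socket)
		[ -z "${SWTPM_SERVER_NAME}" ] && {
			echo "SWTPM_SERVER_NAME not defined"
			exit 1
		}
		[ -z "${SWTPM_CTRL_PORT}" ] && {
			echo "SWTPM_CTRL_PORT not defined"
			exit 1
		}
		${SWTPM_IOCTL} \
			--tcp ${SWTPM_SERVER_NAME}:${SWTPM_CTRL_PORT} \
			$@
		return $?
		;;
	socket+unix|unix+unix)
		[ -z "${SWTPM_CTRL_UNIX_PATH}" ] && {
			echo "SWTPM_CTRL_UNIX_PATH not defined"
			exit 1
		}
		${SWTPM_IOCTL} \
			--unix ${SWTPM_CTRL_UNIX_PATH} \
			$@
		return $?
		;;
	esac
}
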
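# Start the swtpm in the background
#
# For every interface type the function first makes sure that the device,
# ports or socket files it is about to use are free, starts swtpm, and
# then waits for them to appear. The wait_* helpers return 0 on timeout,
# which is why 'if wait_...; then' is always the error path here.
#
# Side effects: sets the global SWTPM_PID (and the global 'rc'); on any
# failure the calling shell is terminated with 'exit 1', after a kill -9
# of the started process where one exists.
#
# ",disconnect" is appended to the TCP server option unless
# SWTPM_SERVER_NO_DISCONNECT is set. ${SWTPM_TEST_SECCOMP_OPT} is passed
# through to swtpm unchanged.
#
# NOTE(review): the TCP listeners are requested with only 'type=tcp,port=';
# which address swtpm binds to is not visible here - confirm it is
# loopback before running the tests on a shared host.
#
# An interface type not listed below matches no case and the function
# returns without starting anything.
#
# @param1: type of interface
# @param2.. : parameters to pass to 'swtpm'
function run_swtpm()
{
	local iface=$1; shift
	local swtpm_server_disconnect=""

	echo "==== Starting swtpm with interfaces ${iface} ===="
	if [ -z "${SWTPM_SERVER_NO_DISCONNECT}" ]; then
		swtpm_server_disconnect=",disconnect"
	fi

	case "${iface}" in
	cuse)
		[ -z "${SWTPM_DEV_NAME}" ] && {
			echo "SWTPM_DEV_NAME not defined"
			exit 1
		}

		if wait_chardev_gone ${SWTPM_DEV_NAME} 2; then
			echo "${SWTPM_DEV_NAME} is still there and may be used."
			exit 1
		fi

		# Started in the foreground, so $? below is the real exit
		# status of this invocation.
		${SWTPM_EXE} cuse $@ ${SWTPM_TEST_SECCOMP_OPT} \
			-n ${SWTPM_DEV_NAME##*/}
		rc=$?
		if [ $rc -ne 0 ]; then
			echo "Could not run ${SWTPM_EXE} using ${iface}"
			exit 1
		fi
		if wait_for_chardev ${SWTPM_DEV_NAME} 2; then
			echo "$SWTPM_DEV_NAME did not appear"
			exit 1
		fi

		# The pid is looked up from the process list by matching a
		# command line that contains "cuse" and ends in the device
		# name. The status returned is that of the gawk stage.
		SWTPM_PID=$(ps aux |
			grep "cuse" |
			grep -E " ${SWTPM_DEV_NAME##*/}\$" |
			grep -v grep |
			gawk '{print $2}')
		return $?
		;;
	socket+socket)
		[ -z "${SWTPM_SERVER_PORT}" ] && {
			echo "SWTPM_SERVER_PORT not defined"
			exit 1
		}
		[ -z "${SWTPM_CTRL_PORT}" ] && {
			echo "SWTPM_CTRL_PORT not defined"
			exit 1
		}

		if wait_serversocket_gone "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
			echo "Port ${SWTPM_SERVER_PORT} is still used"
			exit 1
		fi
		if wait_serversocket_gone "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
			echo "Port ${SWTPM_CTRL_PORT} is still used"
			exit 1
		fi

		${SWTPM_EXE} socket $@ \
			${SWTPM_TEST_SECCOMP_OPT} \
			--server type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect} \
			--ctrl type=tcp,port=${SWTPM_CTRL_PORT} &
		# $? after '&' only reports that the job was launched; a
		# startup failure is caught by the waits below.
		rc=$?
		if [ $rc -ne 0 ]; then
			echo "Could not run ${SWTPM_EXE} using ${iface}"
			exit 1
		fi
		SWTPM_PID=$!
		if wait_for_serversocket "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
			echo "Server did not open port ${SWTPM_SERVER_PORT}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		if wait_for_serversocket "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
			echo "Server did not open port ${SWTPM_CTRL_PORT}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		return 0
		;;
	socket+unix)
		[ -z "${SWTPM_SERVER_PORT}" ] && {
			echo "SWTPM_SERVER_PORT not defined"
			exit 1
		}
		[ -z "${SWTPM_CTRL_UNIX_PATH}" ] && {
			echo "SWTPM_CTRL_UNIX_PATH not defined"
			exit 1
		}

		if wait_serversocket_gone "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
			echo "Port ${SWTPM_SERVER_PORT} is still used"
			exit 1
		fi
		if wait_socketfile_gone "${SWTPM_CTRL_UNIX_PATH}" 2; then
			echo "Unix socket ${SWTPM_CTRL_UNIX_PATH} is still there"
			exit 1
		fi

		${SWTPM_EXE} socket $@ \
			${SWTPM_TEST_SECCOMP_OPT} \
			--server type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect} \
			--ctrl type=unixio,path=${SWTPM_CTRL_UNIX_PATH} &
		# See socket+socket: this only reports the launch of the job.
		# (A second, unreachable '[ $rc -ne 0 ] && return $rc' that
		# followed this check has been dropped.)
		rc=$?
		if [ $rc -ne 0 ]; then
			echo "Could not run ${SWTPM_EXE} using ${iface}"
			exit 1
		fi
		SWTPM_PID=$!
		if wait_for_serversocket "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
			echo "Server did not open port ${SWTPM_SERVER_PORT}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		if wait_for_socketfile ${SWTPM_CTRL_UNIX_PATH} 1; then
			echo "Server did not create UnixIO socket ${SWTPM_CTRL_UNIX_PATH}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		return 0
		;;
	unix+socket)
		[ -z "${SWTPM_CMD_UNIX_PATH}" ] && {
			echo "SWTPM_CMD_UNIX_PATH not defined"
			exit 1
		}
		[ -z "${SWTPM_CTRL_PORT}" ] && {
			echo "SWTPM_CTRL_PORT not defined"
			exit 1
		}

		if wait_socketfile_gone "${SWTPM_CMD_UNIX_PATH}" 2; then
			echo "Unix socket ${SWTPM_CMD_UNIX_PATH} is still there"
			exit 1
		fi
		if wait_serversocket_gone "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
			echo "Port ${SWTPM_CTRL_PORT} is still used"
			exit 1
		fi

		${SWTPM_EXE} socket $@ \
			${SWTPM_TEST_SECCOMP_OPT} \
			--server type=unixio,path=${SWTPM_CMD_UNIX_PATH} \
			--ctrl type=tcp,port=${SWTPM_CTRL_PORT} &
		# See socket+socket: this only reports the launch of the job.
		rc=$?
		if [ $rc -ne 0 ]; then
			echo "Could not run ${SWTPM_EXE} using ${iface}"
			exit 1
		fi
		SWTPM_PID=$!
		if wait_for_socketfile ${SWTPM_CMD_UNIX_PATH} 2; then
			echo "Server did not create UnixIO socket ${SWTPM_CMD_UNIX_PATH}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		if wait_for_serversocket "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
			echo "Server did not open port ${SWTPM_CTRL_PORT}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		return 0
		;;
	unix+unix)
		[ -z "${SWTPM_CMD_UNIX_PATH}" ] && {
			echo "SWTPM_CMD_UNIX_PATH not defined"
			exit 1
		}
		[ -z "${SWTPM_CTRL_UNIX_PATH}" ] && {
			echo "SWTPM_CTRL_UNIX_PATH not defined"
			exit 1
		}

		if wait_socketfile_gone "${SWTPM_CMD_UNIX_PATH}" 2; then
			echo "Unix socket ${SWTPM_CMD_UNIX_PATH} is still there"
			exit 1
		fi
		if wait_socketfile_gone "${SWTPM_CTRL_UNIX_PATH}" 2; then
			echo "Unix socket ${SWTPM_CTRL_UNIX_PATH} is still there"
			exit 1
		fi

		${SWTPM_EXE} socket $@ \
			${SWTPM_TEST_SECCOMP_OPT} \
			--server type=unixio,path=${SWTPM_CMD_UNIX_PATH} \
			--ctrl type=unixio,path=${SWTPM_CTRL_UNIX_PATH} &
		# See socket+socket: this only reports the launch of the job.
		rc=$?
		if [ $rc -ne 0 ]; then
			echo "Could not run ${SWTPM_EXE} using ${iface}"
			exit 1
		fi
		SWTPM_PID=$!
		if wait_for_socketfile ${SWTPM_CMD_UNIX_PATH} 2; then
			echo "Server did not create UnixIO socket ${SWTPM_CMD_UNIX_PATH}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		if wait_for_socketfile ${SWTPM_CTRL_UNIX_PATH} 1; then
			echo "Server did not create UnixIO socket ${SWTPM_CTRL_UNIX_PATH}"
			kill -9 ${SWTPM_PID}
			exit 1
		fi
		return 0
		;;
	esac
}
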
# Open the command channel/device on fd 100
#
# cuse opens ${SWTPM_DEV_NAME} read/write on fd 100; the TCP server
# variants open a /dev/tcp connection to
# ${SWTPM_SERVER_NAME}:${SWTPM_SERVER_PORT}. For the UnixIO server
# variants nothing is opened here.
#
# @param1: type of interface
# @param2: must be '100'
#
# Returns the status of the 'exec' redirection where one is performed;
# exits the shell with 1 on a wrong fd, an unset variable or an
# unsupported interface. (The messages say "swtpm_opendev".)
function swtpm_open_cmddev()
{
	local iface=$1; shift

	if [ "$1" != "100" ]; then
		echo "swtpm_opendev: Filedescriptor must be 100"
		exit 1
	fi

	case "${iface}" in
	cuse)
		if [ -z "${SWTPM_DEV_NAME}" ]; then
			echo "SWTPM_DEV_NAME not defined"
			exit 1
		fi
		exec 100<>${SWTPM_DEV_NAME}
		return $?
		;;
	socket+socket|socket+unix)
		if [ -z "${SWTPM_SERVER_NAME}" ]; then
			echo "SWTPM_SERVER_NAME not defined"
			exit 1
		fi
		if [ -z "${SWTPM_SERVER_PORT}" ]; then
			echo "SWTPM_SERVER_PORT not defined"
			exit 1
		fi
		# Must first close on OS/X
		exec 100>&-
		exec 100<>/dev/tcp/${SWTPM_SERVER_NAME}/${SWTPM_SERVER_PORT}
		return $?
		;;
	unix+socket|unix+unix)
		;;
	*)
		echo "swtpm_opendev: unsupported interface $iface"
		exit 1
	esac
}

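# Transmit a command on fd 100
#
# The command (an 'echo -e' escape string) is first written to a
# temporary file, then sent; the response is printed on stdout as hex
# bytes. cuse and the TCP server variants use fd 100, which must have
# been opened before; the UnixIO server variants connect to
# ${SWTPM_CMD_UNIX_PATH} with socat and print the last hex line it logs.
#
# The temporary file path is quoted everywhere, so a TMPDIR containing
# whitespace neither breaks the redirections nor leaves the file behind,
# and a failing mktemp stops the function instead of redirecting to an
# empty name.
#
# @param1: type of interface
# @param2: the command to send
#
# Exits the shell with 1 on an unsupported interface. (That message says
# "swtpm_opendev".)
function swtpm_cmd_tx()
{
	local iface=$1
	local cmd_path

	cmd_path=$(mktemp) || {
		echo "swtpm_cmd_tx: could not create temporary file" >&2
		exit 1
	}

	case "${iface}" in
	cuse)
		echo -en "$2" > "${cmd_path}"
		cat "${cmd_path}" >&100
		dd if=/proc/self/fd/100 2>/dev/null | \
		od -t x1 -A n | \
		tr -s ' ' | \
		tr -d '\n' | \
		sed 's/ $//g'
		;;
	socket+socket|socket+unix)
		echo -en "$2" > "${cmd_path}"
		cat "${cmd_path}" >&100
		cat <&100 | od -t x1 -A n | \
		tr -s ' ' | \
		tr -d '\n' | \
		sed 's/ $//g'
		;;
	unix+socket|unix+unix)
		echo -en "$2" > "${cmd_path}"
		socat -x -t50 \
			"FILE:${cmd_path},rdonly" \
			UNIX-CLIENT:${SWTPM_CMD_UNIX_PATH} 2>&1 | \
		sed -n '/^ /p' | \
		tail -n1
		;;
	*)
		echo "swtpm_opendev: unsupported interface $iface"
		rm -f "${cmd_path}"
		exit 1
	esac

	rm -f "${cmd_path}"
}
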
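# Transmit a control command on fd 101
#
# With a TCP control channel the command (an 'echo -e' escape string) is
# written to fd 101, which must have been opened before, and the response
# read from it is printed as hex bytes. With a UnixIO control channel the
# command goes through a temporary file and socat to
# ${SWTPM_CTRL_UNIX_PATH}, and the last hex line socat logs is printed.
#
# The temporary file path is quoted so that a TMPDIR containing
# whitespace does not break the redirection or the cleanup, and a failing
# mktemp stops the function.
#
# @param1: type of interface
# @param2: the control command to send
#
# Exits the shell with 1 on an unsupported interface. (That message says
# "swtpm_opendev".)
function swtpm_ctrl_tx()
{
	local iface=$1
	local ctrl_path

	case "${iface}" in
	socket+socket|unix+socket)
		$ECHO -en "$2" >&101
		cat <&101 | od -t x1 -A n -w128
		;;
	socket+unix|unix+unix)
		ctrl_path=$(mktemp) || {
			echo "swtpm_ctrl_tx: could not create temporary file" >&2
			exit 1
		}
		echo -en "$2" > "${ctrl_path}"
		socat -x -t50 \
			"FILE:${ctrl_path},rdonly" \
			UNIX-CLIENT:${SWTPM_CTRL_UNIX_PATH} 2>&1 | \
		sed -n '/^ /p' | \
		tail -n1
		rm -f "${ctrl_path}"
		;;
	*)
		echo "swtpm_opendev: unsupported interface $iface"
		exit 1
	esac
}

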
# Run swtpm_bios
#
# The TPM is addressed according to the interface type: the CUSE device,
# the UnixIO command socket, or TCP ${SWTPM_SERVER_NAME}:${SWTPM_SERVER_PORT}.
# In the TCP case only SWTPM_SERVER_PORT is checked for being set.
#
# @param1: type of interface
# @param2 ...: parameters to pass to swtpm_bios
#
# Returns the exit status of swtpm_bios; exits the shell with 1 when a
# checked variable is unset or the interface is unsupported.
function run_swtpm_bios()
{
	local iface=$1

	shift

	case "${iface}" in
	cuse)
		if [ -z "${SWTPM_DEV_NAME}" ]; then
			echo "SWTPM_DEV_NAME not defined"
			exit 1
		fi
		${SWTPM_BIOS} --tpm-device ${SWTPM_DEV_NAME} $@
		return $?
		;;
	unix+unix|unix+socket)
		if [ -z "${SWTPM_CMD_UNIX_PATH}" ]; then
			echo "SWTPM_CMD_UNIX_PATH not defined"
			exit 1
		fi
		${SWTPM_BIOS} --unix ${SWTPM_CMD_UNIX_PATH} $@
		return $?
		;;
	socket+unix|socket+socket)
		if [ -z "${SWTPM_SERVER_PORT}" ]; then
			echo "SWTPM_SERVER_PORT not defined"
			exit 1
		fi
		${SWTPM_BIOS} --tcp ${SWTPM_SERVER_NAME}:${SWTPM_SERVER_PORT} $@
		return $?
		;;
	*)
		echo "run_swtpm_bios: unsupported interface $iface"
		exit 1
	esac
}

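# Get the size of a file in bytes
#
# Uses the GNU form of stat on Linux and Cygwin and the BSD form
# everywhere else. The filename is quoted so that a path containing
# whitespace or glob characters is passed to stat as one argument.
#
# @1: filename
#
# Prints the size on stdout; returns the exit status of stat.
function get_filesize()
{
	if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-) ]]; then
		stat -c%s "$1"
	else
		# OpenBSD
		stat -f%z "$1"
	fi
}
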
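# Get the file mode bits in octal format
#
# Uses the GNU form of stat on Linux and Cygwin and the BSD form
# everywhere else. The filename is quoted so that a path containing
# whitespace or glob characters is passed to stat as one argument.
#
# @1: filename
#
# Prints the mode on stdout; returns the exit status of stat.
function get_filemode()
{
	if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-) ]]; then
		stat -c%a "$1"
	else
		# BSDs
		stat -f%Lp "$1"
	fi
}
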
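# Get the file owner uid and gid
#
# Uses the GNU form of stat on Linux and Cygwin and the BSD form
# everywhere else. The filename is quoted so that a path containing
# whitespace or glob characters is passed to stat as one argument.
#
# @1: filename
#
# Prints "<uid> <gid>" on stdout; returns the exit status of stat.
function get_fileowner()
{
	if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-) ]]; then
		stat -c"%u %g" "$1"
	else
		# BSDs
		stat -f"%u %g" "$1"
	fi
}
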
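# Get the SHA1 of a file
#
# Picks the hashing tool by platform: sha1sum on Linux/Cygwin, shasum on
# Darwin, sha1 otherwise. The filename is quoted throughout; with an
# empty or whitespace-containing name the unquoted readability test could
# succeed by accident and the hash tool would then run on the wrong
# arguments.
#
# NOTE(review): SHA-1 is not collision resistant; presumably it is used
# here only as a fingerprint for comparing test artifacts - confirm
# before relying on it for anything else.
#
# @1: filename
#
# Prints the hex digest on stdout, or "[file <name> does not exist]" when
# the file is not readable.
function get_sha1_file()
{
	if ! [ -r "$1" ]; then
		echo "[file $1 does not exist]"
		return
	fi
	case "$(uname -s)" in
	Linux|CYGWIN*)
		sha1sum "$1" | cut -f1 -d" "
		;;
	Darwin)
		shasum "$1" | cut -f1 -d" "
		;;
	*)
		# OpenBSD
		sha1 "$1" | cut -d "=" -f2 | tr -d " "
	esac
}
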
# Display process that have the same name
#
# The listing is switched off: the guard below never holds, so the
# function currently prints nothing and returns 0.
#
# @1: process name to match
function display_processes_by_name()
{
	local name="$1"
	local enabled=0

	if [ "${enabled}" -ne 0 ]; then
		ps aux | grep "${name}" | grep -v grep
	fi
}

# Check whether seccomp support is compiled in
#
# Decided by looking for "--seccomp" in the output of
# '<swtpm> socket --help'.
#
# @1: path to swtpm
#
# Returns 0 if seccomp is supported, 1 otherwise
function has_seccomp_support()
{
	local swtpm_exe="$1"

	local help_lines=$(${swtpm_exe} socket --help | grep -E "\-\-seccomp")

	if [ -z "${help_lines}" ]; then
		return 1
	fi
	return 0
}

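# Check whether the given process runs with the given seccomp
# profile type IF the given swtpm executable has seccomp support
#
# The profile type is the "Seccomp:" field of /proc/<pid>/status. The
# check is skipped (return 0) when swtpm has no seccomp support, when
# SWTPM_TEST_SECCOMP_OPT is set, or when this shell itself already runs
# under a seccomp profile.
#
# The expected value is quoted in the comparison: with an empty or
# multi-word @3 the unquoted test was malformed, evaluated as false, and
# the function reported success without having compared anything.
#
# @1: Path to swtpm executable from which process was started
# @2: The process ID
# @3: The expected seccomp profile type
#
# Returns 0 if the check passed or was skipped, 1 on a mismatch (which
# includes an unreadable /proc/<pid>/status).
function check_seccomp_profile()
{
	local swtpm_exe="$1"
	local swtpm_pid="$2"
	local profile="$3"

	local tmp

	if ! has_seccomp_support "${swtpm_exe}"; then
		return 0
	fi
	if [ -n "${SWTPM_TEST_SECCOMP_OPT}" ]; then
		return 0
	fi

	tmp=$(grep -E "^Seccomp" /proc/self/status |
		cut -d":" -f2 |
		tr -d '\t')
	if [ "${tmp}" != "0" ]; then
		echo "check_seccomp_profile: skipping check since test env." \
			"runs with in a seccomp profile overriding --seccomp"
		return 0
	fi

	tmp=$(grep -E "^Seccomp" /proc/${swtpm_pid}/status |
		cut -d":" -f2 |
		tr -d '\t')
	if [ "${tmp}" != "${profile}" ]; then
		echo "Process ${swtpm_pid} has wrong seccomp profile type"
		echo "Expected: ${profile}"
		echo "Actual : ${tmp}"
		return 1
	fi
	return 0
}
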
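# Validate the content of the pid file
#
# If the file is still empty on the first read, it is read once more
# after 0.1 seconds. The path is quoted so that a pid file location
# containing whitespace is read correctly, and the "actual" line prints
# the value that was compared rather than reading the file a third time.
#
# @1: Expected PID
# @2: pid file filename
#
# Exits the shell with 1 if the file does not contain the expected PID.
function validate_pidfile()
{
	local pid="$1"
	local pidfile="$2"
	local rpid="$(cat "${pidfile}")"

	if [ -z "$rpid" ]; then
		sleep 0.1
		rpid="$(cat "${pidfile}")"
	fi

	if [ "$pid" != "$rpid" ]; then
		echo "Error: pid file contains unexpected PID value."
		echo "expected: $pid"
		echo "actual : $rpid"
		exit 1
	fi
}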