swtpm: Get the IV from a tag-length-value block in the data stream
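#!/bin/bash

# For the license, see the LICENSE file in the root directory.

# Control channel test for the socket TPM: starts swtpm with a UNIX control
# socket, sends raw control and TPM commands, and compares the hex-dumped
# responses against fixed expected values.

DIR=$(dirname "$0")
ROOT=${DIR}/..

# Everything the test creates (control socket, pid file, log, scratch files)
# lives below a fresh mktemp directory that only the invoking user can access.
# Stop here if it cannot be created: every later path would otherwise be
# rooted at "/".
TPMDIR=$(mktemp -d) || {
	echo "Error: Could not create temporary directory."
	exit 1
}
SWTPM_CTRL_UNIX_PATH=$TPMDIR/sock
PID_FILE=$TPMDIR/swtpm.pid
LOG_FILE=$TPMDIR/swtpm.log
CMD_PATH=$TPMDIR/cmd
RESP_PATH=$TPMDIR/resp

source "${DIR}/test_common"

# The handler name is resolved when the trap fires, so registering it before
# the cleanup function is defined is fine.
trap "cleanup" SIGTERM EXIT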
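# Remove the per-run state directory and terminate swtpm if it is still alive.
# Globals:   TPMDIR (read), PID (read)
# Arguments: none
# Called from the SIGTERM/EXIT trap, so PID may still be unset.
function cleanup()
{
	# Quote the operand and skip an empty value so the recursive delete can
	# only ever target the directory this script created.
	if [ -n "$TPMDIR" ]; then
		rm -rf -- "$TPMDIR"
	fi
	if [ -n "$PID" ]; then
		kill -SIGTERM "$PID" 2>/dev/null
	fi
}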
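# Interface settings. SWTPM_INTERFACE is passed to every swtpm_* helper call in
# this script; the port and host name are presumably consumed by the helpers
# in ${DIR}/common -- confirm there.
SWTPM_INTERFACE=socket+unix
SWTPM_SERVER_PORT=65430
SWTPM_SERVER_NAME=localhost
# Quoted so a checkout path containing whitespace still resolves.
source "${DIR}/common"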
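# Test 1: test the control channel on the socket tpm

# use a pseudo terminal
# File descriptor 100 is opened on the pty multiplexer and handed to swtpm
# through --fd; the device name differs between platforms.
if [ -c /dev/ptmx ]; then
	exec 100<>/dev/ptmx
elif [ -c /dev/ptm ]; then
	exec 100<>/dev/ptm
else
	echo "Could not find chardev for opening file descriptor."
	exit 1
fi
# The control socket is created inside TPMDIR. The control commands sent later
# in this script are bare opcodes with no credential in the payload, so the
# permissions on that directory are what limit who can drive the TPM.
# NOTE(review): SWTPM_EXE is left unquoted in case it carries a wrapper
# command with arguments -- confirm against the file that defines it.
$SWTPM_EXE socket \
	--fd 100 \
	--tpmstate "dir=$TPMDIR" \
	--pid "file=$PID_FILE" \
	--ctrl "type=unixio,path=$SWTPM_CTRL_UNIX_PATH" \
	--log "file=$LOG_FILE,level=20" &

# The background swtpm has inherited fd 100; close this shell's copy.
exec 100>&-

# NOTE(review): this branch treats a zero exit status from wait_for_file as
# the failure case; verify against test_common.
if wait_for_file "$PID_FILE" 3; then
	echo "Error: Socket TPM did not write pidfile."
	exit 1
fi

PID="$(cat "$PID_FILE")"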
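# Each step below sends one raw control command and compares the hex dump of
# the response with a fixed expected string; the first mismatch ends the test.

# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x01')"
# The expected capability mask is 7f ff on Linux and OpenBSD, 6f ff elsewhere.
if [[ "$(uname -s)" =~ (Linux|OpenBSD) ]]; then
	exp=" 00 00 00 00 00 00 7f ff"
else
	exp=" 00 00 00 00 00 00 6f ff"
fi
if [ "$res" != "$exp" ]; then
	echo "Error: Unexpected response from CMD_GET_CAPABILITY:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Unexpected response from CMD_INIT:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send unknown command to the TPM
# An unsupported opcode has to be answered with result code 0a.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\xff\xff')"
exp=" 00 00 00 0a"
if [ "$res" != "$exp" ]; then
	echo "Error: Unexpected response from sending unsupported command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0a')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Unexpected response from CMD_STORE_VOLATILE:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# The store command must have produced a readable state file in TPMDIR.
if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
	echo "Error: Socket TPM: Did not write volatile state file"
	exit 1
fi

# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0f')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_GET_CONFIG:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Unexpected response from CMD_SHUTDOWN:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# After CMD_SHUTDOWN the pid file has to disappear and the process has to exit.
if wait_file_gone "$PID_FILE" 2; then
	echo "Error: TPM should have removed PID file by now."
	exit 1
fi

# kill -0 only probes for the process; success means it is still running.
if kill -0 "$PID" 2>/dev/null; then
	echo "Error: TPM should not be running anymore."
	exit 1
fi

check_logfile_patterns_level_20 "$LOG_FILE"
rm -f -- "$LOG_FILE"

echo "OK"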
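# Test 2: test the control channel on the socket tpm

# There are a few more tests here that require sending commands to the TPM

# use a pseudo terminal
# NOTE(review): no pty is opened in this section; the line above looks
# carried over from Test 1. Confirm what run_swtpm does in ${DIR}/common.
run_swtpm "${SWTPM_INTERFACE}" \
	--tpmstate "dir=$TPMDIR" \
	--pid "file=$PID_FILE" \
	--log "file=$LOG_FILE"

# NOTE(review): a zero exit status from wait_for_file is treated as the
# failure case; verify against test_common.
if wait_for_file "$PID_FILE" 3; then
	echo "Error: Socket TPM did not write pidfile."
	# Dump the swtpm log so the reason for the failed start is visible.
	cat "$LOG_FILE"
	exit 1
fi

PID="$(cat "$PID_FILE")"

swtpm_open_cmddev "${SWTPM_INTERFACE}" 100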
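# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x01')"
# The expected capability mask is 7f ff on Linux and OpenBSD, 6f ff elsewhere.
if [[ "$(uname -s)" =~ (Linux|OpenBSD) ]]; then
	exp=" 00 00 00 00 00 00 7f ff"
else
	exp=" 00 00 00 00 00 00 6f ff"
fi
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_GET_CAPABILITY:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_INIT:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send unknown command to the TPM
# An unsupported opcode has to be answered with result code 0a.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\xff\xff')"
exp=" 00 00 00 0a"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending unsupported command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Startup the TPM
# This one goes over the TPM command channel (swtpm_cmd_tx), not the control
# channel.
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')"
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$res" != "$exp" ]; then
	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0a')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_STORE_VOLATILE:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# The store command must have produced a readable state file in TPMDIR.
if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
	echo "Error: Socket TPM: Did not write volatile state file"
	exit 1
fi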
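# Steps 1-6: the TPM established flag is expected to read 0, become 1 after a
# hash start/data/end sequence on the control channel, and read 0 again once
# it has been reset.

# 1. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 2. Send command to start HASH : CMD_HASH_START = 00 00 00 06
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x06')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_START command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 2.1. Send command to hash data : CMD_HASH_DATA = 00 00 00 07 uint32(length) data
# We send 0x2000 null bytes: the length field is 00 00 20 00 and dd appends
# the same number of bytes from /dev/zero.
echo -en '\x00\x00\x00\x07\x00\x00\x20\x00' > "$CMD_PATH"
dd if=/dev/zero count=$((0x2000)) bs=1 >> "$CMD_PATH" 2>/dev/null
# The request is built in a file and sent with socat straight to the control
# socket instead of through swtpm_ctrl_tx. Only the last hex-dump line of the
# socat output is kept as the response.
socat -x -t10 "FILE:$CMD_PATH,rdonly" "UNIX-CONNECT:$SWTPM_CTRL_UNIX_PATH" 2>&1 | \
	sed -n '/^ /p' | \
	tail -n1 > "$RESP_PATH"
res="$(cat "$RESP_PATH")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_DATA command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 3. Send command to end HASH : CMD_HASH_END = 00 00 00 08
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x08')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_END command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 4. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
# The flag byte is expected to be set now.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 01 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 5. Send command to reset TPM established flag: CMD_RESET_TPMESTABLISHED = 00 00 00 0b 03
# NOTE(review): the trailing 03 is presumably the locality -- confirm.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0b\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	# Name the command that was actually sent, not the GET variant.
	echo "Error: Socket TPM: Unexpected response from sending CMD_RESET_TPMESTABLISHED command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# 6. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
# The flag byte is expected to be cleared again.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi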
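# Read PCR 17
# The expected digest is fixed because the hash sequence earlier in this test
# always feeds the same 0x2000 zero bytes.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c4 e1 e1 c9 81 c0 cd b1 e0 43 df 97 20 72 f9 5d a9 ff 06 ff'
if [ "$res" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
# Request layout:  cmd | flags | type | offset
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
# Response layout: result | flags | totlength | length
# Only this 16-byte header (48 characters of the hex dump) is compared; the
# blob that follows it is not checked.
exp=" 00 00 00 00 00 00 00 00 00 00 04 e5 00 00 04 e5"
if [ "${res:0:48}" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_GET_STATEBLOB:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Read PCR 17 -- should fail now
# A stopped TPM has to answer TPM commands with an error code (09 here).
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
exp=' 00 c4 00 00 00 0a 00 00 00 09'
if [ "$res" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0f')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_GET_CONFIG:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# After CMD_SHUTDOWN the pid file has to disappear and the process has to exit.
if wait_file_gone "$PID_FILE" 2; then
	echo "Error: TPM should have removed PID file by now."
	exit 1
fi

# kill -0 only probes for the process; success means it is still running.
if kill -0 "$PID" 2>/dev/null; then
	echo "Error: Socket TPM should not be running anymore."
	exit 1
fi

# Expecting to see an error message for the unknown command
check_logfile_patterns_level_1 "$LOG_FILE" 1
rm -f -- "$LOG_FILE"

echo "OK"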
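# Test 3: test the control channel on the socket tpm: resume encrypted state

# copy all the state files
# The glob also copies pwdfile.txt, so the passphrase ends up next to the
# state it protects. That is fine for a checked-in fixture, but it is not a
# layout to reuse for real TPM state.
# NOTE(review): ${PWD}/${DIR} only resolves when DIR is a relative path, i.e.
# when the script was not started through an absolute path.
if ! cp "${PWD}/${DIR}"/data/tpmstate2/* "${TPMDIR}"; then
	echo "Error: Could not copy the TPM state files."
	exit 1
fi

run_swtpm "${SWTPM_INTERFACE}" \
	--tpmstate "dir=$TPMDIR" \
	--pid "file=$PID_FILE" \
	--key "pwdfile=${PWD}/${DIR}/data/tpmstate2/pwdfile.txt" \
	--log "file=$LOG_FILE,level=20" \
	--flags not-need-init

# NOTE(review): a zero exit status from wait_for_file is treated as the
# failure case; verify against test_common.
if wait_for_file "$PID_FILE" 3; then
	echo "Error: Socket TPM did not write pidfile."
	exit 1
fi

PID="$(cat "$PID_FILE")"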
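# Read PCR 10
# The TPM was started from the copied state with not-need-init, so the PCR
# value stored in that state has to be readable right away.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$res" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
# Request layout:  cmd | flags | type | offset
# The full response is kept in vstate; it is replayed with CMD_SET_STATEBLOB
# later in this test.
vstate="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
# Response layout: result | flags | totlength | length
# The flags field is 00 00 00 02 here, where the run without --key in Test 2
# expects 00 00 00 00.
# NOTE(review): presumably that bit marks the blob as encrypted -- confirm.
exp=" 00 00 00 00 00 00 00 02 00 00 05 0c 00 00 05 0c"
if [ "${vstate:0:48}" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_GET_STATEBLOB:"
	echo " actual : ${vstate:0:48}"
	echo " expected: $exp"
	exit 1
fi

# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# After CMD_SHUTDOWN the pid file has to disappear and the process has to exit.
if wait_file_gone "$PID_FILE" 2; then
	echo "Error: TPM should have removed PID file by now."
	exit 1
fi

# kill -0 only probes for the process; success means it is still running.
if kill -0 "$PID" 2>/dev/null; then
	echo "Error: Socket TPM should not be running anymore."
	exit 1
fi

check_logfile_patterns_level_20 "$LOG_FILE"
rm -f -- "$LOG_FILE"

echo "OK"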
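# remove volatile state
# ${TPMDIR:?} aborts the script if the variable is empty, so the glob can never
# expand against the filesystem root.
rm -f -- "${TPMDIR:?}"/*.volatilestate

# Restart swtpm on the remaining state, with the same key file as before.
run_swtpm "${SWTPM_INTERFACE}" \
	--tpmstate "dir=$TPMDIR" \
	--pid "file=$PID_FILE" \
	--key "pwdfile=${PWD}/${DIR}/data/tpmstate2/pwdfile.txt" \
	--log "file=$LOG_FILE" \
	--flags not-need-init

# NOTE(review): a zero exit status from wait_for_file is treated as the
# failure case; verify against test_common.
if wait_for_file "$PID_FILE" 3; then
	echo "Error: Socket TPM did not write pidfile."
	exit 1
fi

PID="$(cat "$PID_FILE")"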
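# Read PCR 10 -- this should fail now
# The volatile state file was removed before this start, so the read is
# expected to come back with an error code (26) instead of the PCR value.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 0a 00 00 00 26'
if [ "$res" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send the volatile state to the TPM (while it is stopped)
# Request layout: cmd | flags | type | length | data
# vstate still holds the earlier CMD_GET_STATEBLOB response as a hex dump with
# three characters (" xx") per byte.
# Drop the 16-byte response header (48 characters) to keep only the blob.
vstate=${vstate:48}
# Number of blob bytes.
size=$((${#vstate} / 3))
# Encode the length as four \xNN escapes, most significant byte first.
size=$(printf "%08x" "$size" | sed 's/\([0-9a-f]\{2\}\)/\\x\1/g')
# Turn " xx xx ..." into "\xxx\xxx..." so it can be appended to the request.
vstate=$(echo "${vstate}" | sed 's/ /\\x/g')
# The flags field is set to 00 00 00 02, the value the GET response carried.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" "\x00\x00\x00\x0d\x00\x00\x00\x02\x00\x00\x00\x02${size}${vstate}")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_SET_STATEBLOB:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Send init command to the TPM: CMD_INIT = 00 00 00 02
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_INIT:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Read PCR 10 -- has to return same result as before
# A matching digest shows the injected blob restored the volatile state.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$res" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi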
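# Reset PCR 20 while in locality 0 -- should not work
# The same reset request is sent twice below; only the locality set through
# the control channel in between differs.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
exp=' 00 c4 00 00 00 0a 00 00 00 33'
if [ "$res" != "$exp" ]; then
	echo "Error: Trying to reset PCR 20 in locality 0 returned unexpected result"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# In locality 2 we can reset PCR 20
# Set the locality on the TPM: CMD_SET_LOCALITY = 00 00 00 05 <locality>
# Locality is asserted by whoever can write to the control socket, so access
# to that socket decides who may perform locality-gated operations such as
# this PCR reset.
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x05\x02')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_SET_LOCALITY:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# Reset PCR 20 while in locality 2 -- has to work
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$res" != "$exp" ]; then
	echo "Error: Could not reset PCR 20 in locality 2"
	echo "expected: $exp"
	echo "received: $res"
	exit 1
fi

# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
	echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
	echo " actual : $res"
	echo " expected: $exp"
	exit 1
fi

# After CMD_SHUTDOWN the pid file has to disappear and the process has to exit.
if wait_file_gone "$PID_FILE" 2; then
	echo "Error: TPM should have removed PID file by now."
	exit 1
fi

# kill -0 only probes for the process; success means it is still running.
if kill -0 "$PID" 2>/dev/null; then
	echo "Error: Socket TPM should not be running anymore."
	exit 1
fi

# (Currently) expecting to see nothing in the log file
check_logfile_patterns_level_1 "$LOG_FILE" 0
rm -f -- "$LOG_FILE"

echo "OK"

exit 0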