tests/_test_tpm2_init

   1 #!/bin/bash
   2
   3 # For the license, see the LICENSE file in the root directory.
   4 #set -x
   5
   6 ROOT=${abs_top_builddir:-$(pwd)/..}
   7 TESTDIR=${abs_top_testdir:-$(dirname "$0")}
   8
   9 VTPM_NAME="vtpm-test-tpm2-init"
  10 SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
  11 export TPM_PATH="$(mktemp -d)" || exit 1
  12 STATE_FILE=$TPM_PATH/tpm2-00.permall
  13 VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
  14 SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
  15 SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
  16 SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
  17
  18 function cleanup()
  19 {
  20         pid=${SWTPM_PID}
  21         if [ -n "$pid" ]; then
  22                 kill_quiet -9 $pid
  23         fi
  24         rm -rf $TPM_PATH
  25 }
  26
  27 trap "cleanup" EXIT
  28
  29 [ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
  30 source ${TESTDIR}/common
  31
  32 rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
  33
  34 if has_seccomp_support "${SWTPM_EXE}"; then
  35         SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
  36 fi
  37
  38 run_swtpm ${SWTPM_INTERFACE} --tpm2
  39
  40 display_processes_by_name "$SWTPM"
  41
  42 kill_quiet -0 ${SWTPM_PID}
  43 if [ $? -ne 0 ]; then
  44         echo "Error: ${SWTPM_INTERFACE} TPM did not start."
  45         exit 1
  46 fi
  47
  48 # Init the TPM
  49 run_swtpm_ioctl ${SWTPM_INTERFACE} -i
  50 if [ $? -ne 0 ]; then
  51         echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
  52         exit 1
  53 fi
  54
  55 kill_quiet -0 ${SWTPM_PID} 2>/dev/null
  56 if [ $? -ne 0 ]; then
  57         echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
  58         exit 1
  59 fi
  60
  61 # Init the TPM again but make its state file inaccessible; this only
  62 # works if the TPM runs as non-rootchmod 000 "${STATE_FILE}"
  63 if [ "$(id -u)" != "0" ]; then
  64         chmod 000 "${STATE_FILE}"
  65         run_swtpm_ioctl ${SWTPM_INTERFACE} -i
  66         if [ $? -eq 0 ]; then
  67                 echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
  68                 exit 1
  69         fi
  70
  71         sleep 0.5
  72
  73         kill_quiet -0 ${SWTPM_PID} 2>/dev/null
  74         if [ $? -ne 0 ]; then
  75                 echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
  76                 exit 1
  77         fi
  78         chmod 664 "${STATE_FILE}"
  79
  80         # Init the TPM again; now with state file accessible again
  81         run_swtpm_ioctl ${SWTPM_INTERFACE} -i
  82         if [ $? -ne 0 ]; then
  83                 echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
  84                 exit 1
  85         fi
  86
  87         sleep 0.5
  88
  89         kill_quiet -0 ${SWTPM_PID} 2>/dev/null
  90         if [ $? -ne 0 ]; then
  91                 echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
  92                 exit 1
  93         fi
  94 fi
  95
  96 check_seccomp_profile "${SWTPM_EXE}" ${SWTPM_PID} 0
  97 if [ $? -ne 0 ]; then
  98         exit 1
  99 fi
 100
 101 # Shut down
 102 run_swtpm_ioctl ${SWTPM_INTERFACE} -s
 103 if [ $? -ne 0 ]; then
 104         echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
 105         exit 1
 106 fi
 107
 108 if wait_process_gone ${SWTPM_PID} 4; then
 109         echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
 110         exit 1
 111 fi
 112
 113 if [ ! -e $STATE_FILE ]; then
 114         echo "Error: TPM state file $STATE_FILE does not exist."
 115         exit 1
 116 fi
 117
 118 echo "OK"
 119
 120 exit 0