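#!/bin/bash

# For the license, see the LICENSE file in the root directory.
# set -x

# Test: a TPM 2 keeps its PCR 17 value and its tpmEstablished flag when the
# volatile state is saved to a file and consumed again on the next init.

# ROOT, VTPM_NAME and SWTPM_DEV_NAME are not referenced again in this file;
# presumably the sourced helper files read them -- verify against tests/common.
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

VTPM_NAME="vtpm-test-tpm2-volatilestate"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"

# Private scratch directory for the TPM state files and the UNIX sockets;
# mktemp -d creates it accessible to the owner only.
# Assign and export in two steps: 'export VAR="$(cmd)" || exit 1' reports the
# status of export, so a failed mktemp would leave TPM_PATH empty and every
# path derived below would resolve directly under '/'.
TPM_PATH="$(mktemp -d)" || exit 1
export TPM_PATH
STATE_FILE="${TPM_PATH}/tpm2-00.permall"
VOLATILE_STATE_FILE="${TPM_PATH}/tpm2-00.volatilestate"
SWTPM_CMD_UNIX_PATH="${TPM_PATH}/unix-cmd.sock"
SWTPM_CTRL_UNIX_PATH="${TPM_PATH}/unix-ctrl.sock"
# Interface under test; defaults to cuse when the caller does not set one.
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
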
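# Kill the swtpm started by this test, if any, and delete the scratch
# directory. Installed as the EXIT trap, so it also runs on early error exits
# where SWTPM_PID may still be unset.
# Globals: SWTPM_PID (read), TPM_PATH (read)
function cleanup()
{
    local pid="${SWTPM_PID}"

    if [ -n "$pid" ]; then
        # kill_quiet is not defined in this file; it comes from a sourced helper.
        kill_quiet -9 "$pid"
    fi
    # Quoted and guarded: an empty or whitespace-containing TPM_PATH must
    # never turn into a different 'rm -rf' target.
    if [ -n "${TPM_PATH}" ]; then
        rm -rf -- "${TPM_PATH}"
    fi
}
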
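# Run cleanup on every exit path, including the error exits below.
trap "cleanup" EXIT

# test_cuse is sourced only for the cuse interface. The helper functions used
# below (run_swtpm, run_swtpm_ioctl, swtpm_cmd_tx, kill_quiet, ...) are not
# defined in this file, so they presumably come from 'common'.
# Paths are quoted so a TESTDIR containing whitespace still resolves.
if [ "${SWTPM_INTERFACE}" == "cuse" ]; then
    source "${TESTDIR}/test_cuse"
fi
source "${TESTDIR}/common"

# Start without leftover state files; stderr of rm is discarded.
rm -f -- "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
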
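# First start of the TPM 2 on the selected interface.
run_swtpm "${SWTPM_INTERFACE}" --tpm2

display_processes_by_name "$SWTPM"

# Liveness probe with signal 0 (assuming kill_quiet wraps kill -- verify).
if ! kill_quiet -0 "${SWTPM_PID}"; then
    echo "Error: ${SWTPM_INTERFACE} TPM did not start."
    exit 1
fi

# Init the TPM
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -i; then
    echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
    exit 1
fi

# The process must have survived the INIT.
if ! kill_quiet -0 "${SWTPM_PID}" 2>/dev/null; then
    echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
    exit 1
fi
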
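# Startup the TPM with TPM2_Startup(TPM_SU_CLEAR):
#   80 01        tag (TPM_ST_NO_SESSIONS)
#   00 00 00 0c  size (12 bytes)
#   00 00 01 44  command code (TPM2_CC_Startup)
#   00 00        startup type (TPM_SU_CLEAR)
# The 100 is presumably the file descriptor that 'exec 100>&-' closes later.
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
# Expected reply: 10 bytes with response code 0 (success).
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
    echo "Error: Did not get expected result from TPM_Startup(SU_Clear)"
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi

# Have the TPM hash the data "1234". The checks that follow expect this to
# be reflected in PCR 17 and in the tpmEstablished flag.
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234; then
    echo "Error: Hash command did not work."
    exit 1
fi
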
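# Read PCR 17 with TPM2_PCR_Read:
#   80 01        tag (TPM_ST_NO_SESSIONS)
#   00 00 00 14  size (20 bytes)
#   00 00 01 7e  command code (TPM2_CC_PCR_Read)
#   00 00 00 01  count: one PCR selection
#   00 0b        hash algorithm (SHA-256)
#   03           size of the PCR select bitmap
#   00 00 02     bitmap: third byte, bit 1 = PCR 17
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# Expected reply: success, the echoed selection, then one 32-byte digest.
# This value is the baseline that must survive the save/restore cycles.
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
    echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi

# Check the TPM Established bit after the hashing.
# A failing ioctl is reported on its own instead of surfacing only as an
# unexpected (empty) value in the comparison.
if ! RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e); then
    echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
    exit 1
fi
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
    # Labelled (1): this is the first of three Established checks.
    echo "Error (1): TPM Established flag has wrong value."
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi
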
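# Save the volatile state
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -v; then
    echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
    exit 1
fi

# NOTE(review): only readability is checked here; the file's mode and owner
# are not asserted by this test.
if [ ! -r "$VOLATILE_STATE_FILE" ]; then
    echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
    exit 1
fi

# Shut the TPM down; fd 100 is closed first.
exec 100>&-
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -s; then
    echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
    exit 1
fi
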
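# Start the TPM again; this is a new process that has to pick up the saved
# volatile state from the file.
run_swtpm "${SWTPM_INTERFACE}" --tpm2

display_processes_by_name "$SWTPM"

if ! kill_quiet -0 "${SWTPM_PID}"; then
    echo "Error: ${SWTPM_INTERFACE} TPM did not start."
    exit 1
fi

# Init the TPM
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -i; then
    echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
    exit 1
fi

# Volatile state must have been removed by TPM now: the snapshot is expected
# to be consumed by the init and not left behind on disk.
if [ -r "$VOLATILE_STATE_FILE" ]; then
    echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
    exit 1
fi
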
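# Read the PCR again ...
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100

# TPM2_PCR_Read: tag 80 01, size 00 00 00 14, command code 00 00 01 7e,
# count 00 00 00 01, hash algorithm 00 0b (SHA-256), select size 03,
# bitmap 00 00 02 (PCR 17).
RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# Same bytes as before the restart: PCR 17 must have been restored.
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
    echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi

# Check that the TPM Established bit is still set.
# A failing ioctl is reported on its own instead of surfacing only as an
# unexpected (empty) value in the comparison.
if ! RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e); then
    echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
    exit 1
fi
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
    echo "Error (2): TPM Established flag has wrong value."
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi
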
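# Save the volatile state again
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -v; then
    echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
    exit 1
fi

if [ ! -r "$VOLATILE_STATE_FILE" ]; then
    echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
    exit 1
fi

# Send a new TPM_Init. Unlike the first cycle, no shutdown and restart are
# issued in between, so this init goes to the already running process.
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -i; then
    echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
    exit 1
fi

# Volatile state must have been removed by TPM now
if [ -r "$VOLATILE_STATE_FILE" ]; then
    echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
    exit 1
fi
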
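# Read the PCR again ...
swtpm_open_cmddev "${SWTPM_INTERFACE}" 100

# TPM2_PCR_Read: tag 80 01, size 00 00 00 14, command code 00 00 01 7e,
# count 00 00 00 01, hash algorithm 00 0b (SHA-256), select size 03,
# bitmap 00 00 02 (PCR 17).
RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# Same bytes as in the two earlier reads: PCR 17 must be unchanged.
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
    echo "Error: (3) Did not get expected result from TPM_PCRRead(17)"
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi

# Check that the TPM Established bit is still set
if ! RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e); then
    echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
    exit 1
fi
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
    # Labelled (3) so a failure here is not confused with the earlier
    # Established checks, matching the (1)/(2)/(3) labels on the PCR reads.
    echo "Error (3): TPM Established flag has wrong value."
    echo "expected: $exp"
    echo "received: $RES"
    exit 1
fi
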
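# Final shut down: close fd 100, then ask swtpm to stop.
exec 100>&-
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -s; then
    echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
    exit 1
fi

# wait_process_gone is not defined in this file. Judging by the message
# below it presumably returns success when the PID is still present after
# the timeout argument (4) -- verify against the sourced helpers.
if wait_process_gone "${SWTPM_PID}" 4; then
    echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
    exit 1
fi

# The permanent state file must still be there after the shutdown.
if [ ! -e "$STATE_FILE" ]; then
    echo "Error: TPM state file $STATE_FILE does not exist."
    exit 1
fi

echo "OK"

# The EXIT trap still runs cleanup after this point.
exit 0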