merging swtpm-tools into this project
1 #!/bin/bash
2
3 # For the license, see the LICENSE file in the root directory.
4 #set -x
5
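# Locations of the binaries under test, relative to this script.
DIR=$(dirname "$0")
ROOT=${DIR}/..
SWTPM=swtpm_cuse
SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl

# The test talks to the device /dev/$VTPM_NAME, i.e. /dev/vtpm-255-100.
MAJOR=255
MINOR=100
VTPM_NAME=$(printf "vtpm-%d-%d" "$MAJOR" "$MINOR")

# The test loads a kernel module and starts a CUSE device, so it needs root.
# 77 is the exit status that automake's test harness reports as SKIP.
if [ "$(id -u)" -ne 0 ]; then
  echo "Need to be root to run this test."
  exit 77
fi

# Keep the TPM state in a private directory instead of directly in /tmp.
# The test runs as root, and fixed file names in a world-writable directory
# can be pre-created or symlinked by another local user, or collide with the
# state files of another swtpm instance. mktemp -d creates a fresh directory
# that only its owner can access. It is created after the root check so that
# a skipped run leaves nothing behind.
TPM_PATH=$(mktemp -d) || exit 1
export TPM_PATH
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate

# Runs on every exit path: stop the swtpm_cuse instance started for this
# test and remove the private state directory.
# Globals: SWTPM, VTPM_NAME, TPM_PATH (read)
function cleanup()
{
  local pids

  # Match on the full command line so that only the instance serving
  # $VTPM_NAME is selected; pgrep never reports itself.
  pids=$(pgrep -f -- "${SWTPM}.*${VTPM_NAME}")
  if [ -n "$pids" ]; then
    # SIGKILL is kept from the original script.
    # shellcheck disable=SC2086 # one argument per PID is intended
    kill -9 $pids
  fi

  # TPM_PATH is the mktemp directory created above; :? refuses to expand an
  # empty value, so this can never turn into "rm -rf" on an empty path.
  rm -rf -- "${TPM_PATH:?}"
}

trap cleanup EXIT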
32
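# Load the CUSE kernel module. The result is not checked here; a missing
# module shows up below as "CUSE TPM did not start".
modprobe cuse

# Remove state files from an earlier run (presumably so that the TPM starts
# with fresh state -- confirm against swtpm's handling of TPM_PATH).
rm -f -- "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null

# Start the CUSE TPM. The PID is looked up afterwards instead of taken from
# $!, presumably because swtpm_cuse detaches from the shell -- confirm.
"$SWTPM_EXE" -n "$VTPM_NAME"
# NOTE(review): fixed delay; a slow host may need longer before the process
# and its device node exist.
sleep 0.5
# Match on the full command line so that only the instance serving
# $VTPM_NAME is selected; pgrep never reports itself.
PID=$(pgrep -f -- "${SWTPM}.*${VTPM_NAME}")

# Record the running swtpm processes in the test log.
ps aux | grep -- "$SWTPM" | grep -v grep

# An empty PID means no matching process was found. $PID stays unquoted in
# kill so that several PIDs, one per line, are passed as separate arguments.
# shellcheck disable=SC2086
if [ -z "$PID" ] || ! kill -0 $PID; then
  echo "Error: CUSE TPM did not start."
  exit 1
fi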
48
49
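# Init the TPM through the control ioctl. The paths are quoted so that a
# checkout directory containing spaces does not split the command.
# NOTE(review): the exit status of the ioctl tool is not checked here; only
# the liveness of the swtpm process is.
"$CUSE_TPM_IOCTL" -i "/dev/$VTPM_NAME"

sleep 0.5

# The process must survive INIT. $PID stays unquoted so that several PIDs
# are passed to kill as separate arguments.
# shellcheck disable=SC2086
if ! kill -0 $PID 2>/dev/null; then
  echo "Error: CUSE TPM not running anymore after INIT."
  exit 1
fi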
60
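# Locality checks. The locality decides which privileged operations the TPM
# allows (further down, PCR 20 is reset from locality 2), so the test covers
# both sides: valid localities must be accepted and an invalid one refused.
# Paths are quoted so that a checkout directory containing spaces works.

# Set locality 4 on the TPM
if ! "$CUSE_TPM_IOCTL" -l 4 "/dev/$VTPM_NAME"; then
  echo "Error: CUSE TPM did not accept locality 4."
  exit 1
fi

# Set illegal locality 5 on the TPM; this must be rejected.
# NOTE(review): any non-zero exit status counts as a rejection, including a
# failure to reach the device. The successful locality 4 call just above
# makes that unlikely, but the check cannot tell the two apart.
if "$CUSE_TPM_IOCTL" -l 5 "/dev/$VTPM_NAME"; then
  echo "Error: CUSE TPM accepted locality 5."
  exit 1
fi

# Set locality 0 on the TPM
if ! "$CUSE_TPM_IOCTL" -l 0 "/dev/$VTPM_NAME"; then
  echo "Error: CUSE TPM did not accept locality 0."
  exit 1
fi

# In locality 2 we can reset PCR 20; this locality stays selected for the
# TPM commands that follow.
if ! "$CUSE_TPM_IOCTL" -l 2 "/dev/$VTPM_NAME"; then
  echo "Error: CUSE TPM did not accept locality 2."
  exit 1
fi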
88
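# Open the TPM device read/write on fd 100 for the raw commands below.
# In bash a failed redirection on exec does not stop the script, so the
# failure is reported here rather than as a confusing mismatch later.
if ! exec 100<>"/dev/$VTPM_NAME"; then
  echo "Error: Could not open /dev/$VTPM_NAME."
  exit 1
fi

# Send one raw TPM command on fd 100 and print the reply as hex bytes.
# Arguments: $1 - command as an "echo -e" escape string (\xHH per byte)
# Outputs:   the reply in "od -t x1 -A n" format on stdout
tpm_transact() {
  echo -en "$1" >&100
  dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n
}

# Expected reply to both commands: tag 0x00c4 (response), total length
# 0x0000000a, return code 0x00000000 (success).
exp=' 00 c4 00 00 00 0a 00 00 00 00'

# Startup the TPM
# Request: tag 0x00c1, length 0x0c, ordinal 0x99 (TPM_Startup), type 0x0001
# (ST_Clear).
RES=$(tpm_transact '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
if [ "$RES" != "$exp" ]; then
  echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
  echo "expected: $exp"
  echo "received: $RES"
  exit 1
fi

# Reset PCR 20
# Request: tag 0x00c1, length 0x0f, ordinal 0xc8 (PCR reset), then a PCR
# selection of 3 bytes (00 00 10): bit 4 of the third byte selects PCR 20.
# Locality 2 was selected before, so the reset is expected to succeed.
RES=$(tpm_transact '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')
if [ "$RES" != "$exp" ]; then
  echo "Error: Could not reset PCR 20 in locality 2"
  echo "expected: $exp"
  echo "received: $RES"
  exit 1
fi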
112
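# Shut down TPM through the control ioctl. The paths are quoted so that a
# checkout directory containing spaces does not split the command.
"$CUSE_TPM_IOCTL" -s "/dev/$VTPM_NAME"

sleep 0.5

# After the shutdown request the swtpm process must be gone. $PID stays
# unquoted so that several PIDs are passed to kill as separate arguments.
# shellcheck disable=SC2086
if kill -0 $PID 2>/dev/null; then
  echo "Error: CUSE TPM should not be running anymore."
  exit 1
fi

# The permanent state file must exist after the shutdown.
if [ ! -e "$STATE_FILE" ]; then
  echo "Error: TPM state file $STATE_FILE does not exist."
  exit 1
fi

echo "OK"

exit 0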