tests/test_tpm2_chroot_cuse

   1 #!/usr/bin/env bash
   2
   3 # For the license, see the LICENSE file in the root directory.
   4
   5 if [ "$(id -u)" -ne 0 ]; then
   6         echo "Need to be root to run this test."
   7         exit 77
   8 fi
   9
  10 if [ "$(uname -s)" != "Linux" ]; then
  11         # Due to using /proc/<pid>/root
  12         echo "This test only runs only Linux."
  13         exit 77
  14 fi
  15
  16 if [ -z "$(type -P df)" ]; then
  17         echo "This test requires the 'df' tool."
  18         exit 77
  19 fi
  20
  21 ROOT=${abs_top_builddir:-$(dirname "$0")/..}
  22 TESTDIR=${abs_top_testdir:-$(dirname "$0")}
  23
  24 SWTPM=swtpm
  25 SWTPM_EXE=${SWTPM_EXE:-$ROOT/src/swtpm/$SWTPM}
  26 PID_FILE=/${SWTPM}.pid
  27 VTPM_NAME="vtpm-test-chroot"
  28 SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
  29
  30 source ${TESTDIR}/common
  31 source ${TESTDIR}/test_common
  32 source ${TESTDIR}/test_cuse
  33
  34 skip_test_no_tpm20 "${SWTPM_EXE}"
  35
  36 trap "cleanup" SIGTERM EXIT
  37
  38 function cleanup()
  39 {
  40         rm -rf $TPMDIR
  41         if [ -n "$PID" ]; then
  42                 kill_quiet -SIGTERM $PID 2>/dev/null
  43         fi
  44 }
  45
  46 for OPTION in --chroot -R; do
  47         TPMDIR="$(mktemp -d)" || exit 1
  48
  49         # CUSE TPM will only work if the filesystem does not have 'nodev' option
  50         mnt=$(df $TPMDIR | tail -n 1 | gawk '{print $1" "$6}')
  51         if [ -z "${mnt}" ]; then
  52                 echo " Error: Could not determine filesystem and mount point of $TPMDIR"
  53                 exit 1
  54         fi
  55         nodev="$(grep -E "^${mnt} " /proc/mounts |
  56                  gawk '{print ","$4","}' |
  57                  grep ",nodev,")"
  58         if [ -n "${nodev}" ]; then
  59                 echo " Error: '${mnt}' is mounted with nodev option. Skipping test."
  60                 exit 77
  61         fi
  62
  63         mkdir $TPMDIR/dev
  64         mknod -m 0666 $TPMDIR/dev/urandom c 1 9
  65         mknod -m 0666 $TPMDIR/dev/cuse c 10 203
  66
  67         $SWTPM_EXE cuse \
  68                 -n "$SWTPM_DEV_NAME" \
  69                 "$OPTION" $TPMDIR \
  70                 --tpmstate dir=/ \
  71                 --pid file=$PID_FILE \
  72                 --tpm2 \
  73                 --flags not-need-init \
  74                 ${SWTPM_TEST_SECCOMP_OPT} &>/dev/null &
  75
  76         if wait_for_file $TPMDIR/$PID_FILE 3; then
  77                 echo "Error: CUSE TPM did not write pidfile."
  78                 exit 1
  79         fi
  80
  81         PID=$(ps aux |
  82                 grep "cuse" |
  83                 grep " ${SWTPM_DEV_NAME}" |
  84                 grep -v grep |
  85                 gawk '{print $2}')
  86
  87         validate_pidfile $PID $TPMDIR/$PID_FILE
  88
  89         if [ "$(readlink /proc/$PID/root)" != $TPMDIR ]; then
  90                 echo "Test 1 failed: Unexpected chroot dir"
  91                 exit 1
  92         fi
  93
  94         if [ ! -f ${TPMDIR}/tpm2-00.permall ]; then
  95                 echo "Missing state file"
  96                 exit 1
  97         fi
  98
  99         echo "Test $OPTION passed"
 100         cleanup
 101 done