#!/usr/bin/env bash

# For the license, see the LICENSE file in the root directory.
#set -x

# Everything below runs with root privileges: the test starts swtpm with
# --vtpm-proxy and then opens the /dev/tpmN node that swtpm reports.
# NOTE(review): exit status 77 is presumably the Automake "test skipped"
# convention rather than a failure; confirm against the test harness.
if [[ "$(id -u)" -ne 0 ]]; then
  echo "Need to be root to run this test."
  exit 77
fi

# Locate the build tree and the test directory. The abs_top_* variables win
# when they are set; otherwise both paths are derived from this script's
# own location.
ROOT="${abs_top_builddir:-$(dirname "$0")/..}"
TESTDIR="${abs_top_testdir:-$(dirname "$0")}"

SWTPM=swtpm
SWTPM_EXE="${ROOT}/src/swtpm/${SWTPM}"

# Every per-run artifact (TPM state, PID file, control socket, command and
# response scratch files, log) lives below one directory that mktemp -d
# creates under an unpredictable name. Abort if it cannot be created.
TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE="${TPM_PATH}/tpm2-00.permall"
VOLATILE_STATE_FILE="${TPM_PATH}/tpm2-00.volatilestate"
PID_FILE="${TPM_PATH}/${SWTPM}.pid"
SOCK_PATH="${TPM_PATH}/sock"
CMD_PATH="${TPM_PATH}/cmd"
RESP_PATH="${TPM_PATH}/resp"
LOGFILE="${TPM_PATH}/logfile"

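#######################################
# EXIT handler: stop the swtpm instance started by this test and remove the
# temporary state directory.
# Globals:   SWTPM, PID_FILE, TPM_PATH (all read)
# Arguments: none
#######################################
function cleanup()
{
  local pid

  # The instance is picked out by the " file=<PID_FILE>" tail of its command
  # line, so swtpm processes started with a different PID file are left alone.
  pid=$(ps aux | grep -- "$SWTPM" | grep -E -- " file=${PID_FILE}\$" | gawk '{print $2}')
  if [ -n "$pid" ]; then
    # kill_quiet is not defined in this file (presumably it comes from the
    # sourced helpers). $pid stays unquoted so that several matches, one per
    # line, are passed as separate arguments.
    # shellcheck disable=SC2086
    kill_quiet -9 $pid
  fi

  # This runs as root. Quote the path so that a temporary directory whose name
  # contains whitespace cannot be split into several rm operands, and refuse
  # to run at all if the variable is empty or unset.
  rm -rf -- "${TPM_PATH:?}"
}
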
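# Run cleanup on every exit path so neither the swtpm process nor the
# temporary directory outlives the test.
trap "cleanup" EXIT

# The helper libraries are sourced into this root shell. TESTDIR comes from
# abs_top_testdir or from the script's own location, so that directory must
# not be writable by untrusted users. The paths are quoted so a directory
# name containing whitespace cannot be split into several words.
source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"

source "${TESTDIR}/load_vtpm_proxy"

# Start without stale state; errors (e.g. nothing to delete) are ignored on
# purpose.
rm -f -- "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
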
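# Launch swtpm in the background as the backend of a vTPM proxy device, with
# stdout and stderr captured in LOGFILE. --pid stays the last argument
# because the process lookups match on the " file=<PID_FILE>" tail of the
# command line. SWTPM_TEST_SECCOMP_OPT is not set in this file; it is left
# unquoted so that an empty value adds no argument and a multi-word value is
# split into separate arguments.
# shellcheck disable=SC2086
"$SWTPM_EXE" chardev \
  --tpm2 \
  --vtpm-proxy \
  --tpmstate dir="$TPM_PATH" \
  --ctrl type=unixio,path="$SOCK_PATH" \
  --flags startup-clear \
  ${SWTPM_TEST_SECCOMP_OPT} \
  --pid file="$PID_FILE" &>"$LOGFILE" &
sleep 0.5
PID=$(ps aux | grep -- "$SWTPM" | grep -E -- " file=${PID_FILE}\$" | gawk '{print $2}')

display_processes_by_name "$SWTPM"

# An empty PID means no matching process was found; report that the same way
# as a process that does not answer signal 0.
if [ -z "$PID" ] || ! kill_quiet -0 "$PID"; then
  echo "Error: Chardev TPM did not start."
  exit 1
fi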
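# The device node is taken from swtpm's captured output: the first
# /dev/tpm<N> substring on each matching log line is extracted.
TPM_DEVICE=$(sed -n 's,.*\(/dev/tpm[0-9]\+\).*,\1,p' "$LOGFILE")
if [ -z "$TPM_DEVICE" ]; then
  # Fail with a precise message instead of waiting for a device whose name
  # is the empty string.
  echo "Error: Could not find a /dev/tpm device name in the swtpm output."
  exit 1
fi
echo "Using ${TPM_DEVICE}."

# Wait for chardev to appear (10 polls, 0.1 s apart)
for ((i = 0; i < 10; i++)); do
  [ -c "${TPM_DEVICE}" ] && break
  sleep 0.1
done
if ! [ -c "${TPM_DEVICE}" ]; then
  echo "Error: Chardev ${TPM_DEVICE} did not appear"
  exit 1
fi
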
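# Open access to the TPM: read/write on file descriptor 100. The path was
# parsed out of a log file, so it is quoted rather than left to word
# splitting.
if ! exec 100<>"$TPM_DEVICE"; then
  echo "Error: Could not open $TPM_DEVICE"
  exit 1
fi

# Read PCR 17 (TPM2_PCR_Read, SHA-256 bank). Command layout:
#   80 01        tag: TPM_ST_NO_SESSIONS
#   00 00 00 14  length of the whole command (20 bytes)
#   00 00 01 7e  command code: TPM2_CC_PCR_Read
#   00 00 00 01  count: one PCR selection follows
#   00 0b        hash algorithm: TPM_ALG_SHA256
#   03           size of the selection bitmap in bytes
#   00 00 02     bitmap: third byte, bit 1 -> PCR 17
printf '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02' >&100
RES=$(od -t x1 -A n -w128 <&100)

# Expected response: response code 0, the selection echoed back, and one
# 32-byte (00 20) digest consisting only of ff bytes, i.e. the value this
# test expects for a PCR 17 that nothing has extended since startup.
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 14 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff'
if [ "$RES" != "$exp" ]; then
  echo "Error: Did not get expected result from TPM_PCRRead(17)"
  echo "expected: $exp"
  echo "received: $RES"
  exit 1
fi

# Release the device again.
exec 100>&-
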
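# The PCR read must not have taken the emulator down.
if ! kill_quiet -0 "$PID"; then
  echo "Error: Chardev TPM must have crashed."
  exit 1
fi

# The operand is quoted: with an empty or unset STATE_FILE an unquoted test
# collapses to "[ ! -e ]", which is false, and the check would silently pass.
if [ ! -e "$STATE_FILE" ]; then
  echo "Error: TPM state file $STATE_FILE does not exist."
  exit 1
fi
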
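# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
# The command travels over the UNIX control socket given to swtpm via --ctrl,
# not over the TPM device. socat -x hex-dumps the transferred data; the sed
# filter keeps only lines starting with a space, and the last of those is
# taken as the response.
# NOTE(review): socat parses ':' and ',' inside an address, so CMD_PATH and
# SOCK_PATH must not contain those characters; quoting does not change that.
printf '\x00\x00\x00\x03' > "$CMD_PATH"
socat -x -t10 "FILE:${CMD_PATH},rdonly" "UNIX-CONNECT:${SOCK_PATH}" 2>&1 \
  | sed -n '/^ /p' \
  | tail -n1 > "$RESP_PATH"
res="$(cat "$RESP_PATH")"
# Four zero bytes; presumably the control channel's "success" result code.
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
  echo "Error: Unexpected response from CMD_SHUTDOWN:"
  echo " actual : $res"
  echo " expected: $exp"
  exit 1
fi
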
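# NOTE(review): wait_process_gone is defined outside this file. This test
# treats a zero status as "the process is still there" (the second argument,
# 1, is presumably a timeout); confirm against the helper's definition.
if wait_process_gone "${PID}" 1; then
  echo "Error: TPM should not be running anymore."
  exit 1
fi

# A clean shutdown is expected to remove the PID file. The operand is quoted:
# with an empty PID_FILE an unquoted "[ -f ]" is true and would report a
# failure that has nothing to do with the file.
if [ -f "$PID_FILE" ]; then
  echo "Error: TPM should have removed the PID file."
  exit 1
fi

echo "OK"

exit 0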