Stefan Berger [Mon, 12 Feb 2018 15:10:31 +0000 (10:10 -0500)]
swtpm_setup: Strictly use passwords as specified by user
Use the passwords as specified by the user also when only temporarily
taking ownership. Use the zero password in case nothing has been
provided by the user. This is a first step to loosen the dependency
on expect, which pulls in too many dependencies.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Tue, 30 Jan 2018 14:07:42 +0000 (09:07 -0500)]
swtpm: loop in case poll sets errno EINTR
In case the poll() is interrupted by a signal handler and we
get EINTR, we loop again assuming that the signal handler will
send us a notification to end.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Tue, 30 Jan 2018 13:54:30 +0000 (08:54 -0500)]
swtpm: close client file descriptor if POLLERR is indicated
POLLERR is indicated in some error cases when using the chardev with the
vtpm_proxy with runc. In case the flag is set, we terminate the client
connection rather than endlessly looping.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Tue, 30 Jan 2018 13:51:27 +0000 (08:51 -0500)]
swtpm: Refuse to accept passed file descriptors < 3
File descriptors 0, 1, and 2, when used for file descriptor passing,
as is the case in some older version of runc/docker-ce (17.06), do
not work. So we refuse accepting these values and log the error message.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Thu, 21 Dec 2017 01:15:59 +0000 (20:15 -0500)]
swtpm_setup: Only pass through vmid parameter if it was set
Only pass through the vmid parameter to the tool creating the cert
if this parameter was set. The tool creating the cert may require
it or ignore it and is supposed to be able to track certificates
for which it minted certs using this parameter.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Thu, 7 Dec 2017 22:50:14 +0000 (17:50 -0500)]
swtpm_ioctl: check for filename and input NULL pointers
Check whether filename and input pointers are NULL pointers.
Per previous code this is currently not possibly but should
resolve some issues with Coverity.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Tue, 14 Nov 2017 12:57:53 +0000 (07:57 -0500)]
tests: Extend encrypted state test to check for unmodified state
Extend the encrypted state test with a test case using a wrong key
for decrypting the state and make sure that the init fails and the
state files remain unmodified.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Thu, 9 Nov 2017 15:46:42 +0000 (10:46 -0500)]
swtpm_setup: Add options to overwrite or not overwrite TPM state
Add options --overwrite and --not-overwrite to allow or prevent
overwriting of existing TPM state. If neiter of the options is
given and existing state is found, an error is returned.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Sat, 4 Nov 2017 23:33:13 +0000 (19:33 -0400)]
swtpm: Implemented support for PTM_SET_BUFFERSIZE command
Implement a command for setting and querying the buffer size the
TPM implementation (libtpms) is using. The setting of the
buffersize allows to reduce the size of the buffer to a size
that the interface can support so that these two sizes match
and the TPM will not produce larger responses than what the
interface can support.
Extend swtpm_ioctl with an option to set the buffersize.
Adapt the existing tests to reflect the newly supported command.
Implement a new test for getting/setting of the buffer size.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Mon, 30 Oct 2017 15:49:21 +0000 (11:49 -0400)]
swtpm: fix segfault introduced in aa3999
Changeset aa3999 introduced a segfault when calling
ctrlchannel_set_client_fd() with a NULL pointer. Like all the other
functions, we return with -1 in this case.
Since the segfault occurred on process shutdown no problems were
noticeable through bad test results or so.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Sat, 14 Oct 2017 20:26:28 +0000 (16:26 -0400)]
swtpm: clean up server and ctrlchannel at the end
Introduce another parameter to ctrlchannel_new and server_new
to pass the Unix socket's path. Implement ctrlchannel_free and
server_free to clean up and remove the Unix socket's path.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Mon, 16 Oct 2017 17:11:40 +0000 (13:11 -0400)]
swtpm: Implement server_set_fd()
Implement server_set_fd() function to get the current file descriptor
and set a new one on the server structure.
Use this function to transfer the server file descriptor from the
server structure to the mainloop structure and have the main loop
close the file descriptor.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Wed, 11 Oct 2017 18:13:01 +0000 (14:13 -0400)]
tests: write binary string into file and then cat into device
Rather than using the non-bash echo tool, which doesn't seem to
support -e on OpenBSD, use the bash echo tool to write the binary
code into a file and cat the file into the device. This also works
around a problem when a sequence contains \x0a, which then seems
to be the last character written to the device if bash's echo is
used. It does this correctly when writing to a file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Fri, 6 Oct 2017 01:10:25 +0000 (21:10 -0400)]
tests: copy 'swtpm chardev' test to test_ctrlchannel4
Copy the test case that use 'swtpm chardev' to test_ctrlchannel4
and convert this test in test_ctrlchannel to use a socket. Make
test_ctrlchannel run on all platforms. test_ctrlchannel4 only
runs when WITH_CHARDEV is set in the Makefile.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Thu, 5 Oct 2017 21:25:49 +0000 (17:25 -0400)]
tests: Split off CMD_SET_DATAFD test into own file
Split off the CMD_SET_DATAFD into its own file. This test only works on
Linux, so we skip it on Cygwin for example. Otherwise it should be able
to run.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Wed, 4 Oct 2017 20:20:20 +0000 (16:20 -0400)]
tests: Allow to specify SWTPM_EXE, SWTPM_IOCTL and SWTPM_BIOS for tests
To enable the test suite to for example run a mixture of 32- and
64bit executables, allow users to specify the executables to use by
setting the variables SWTPM_EXE, SWTPM_IOCTL, and SWTPM_BIOS via
command line.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Fri, 29 Sep 2017 17:53:06 +0000 (13:53 -0400)]
tests: Use python twisted for sendmsg on python 2
Rather than sending two separate messages with the bare python 2
API, use the python twisted package to send the control and data
in one sendmsg() call. This avoids occasional test failures in
the ctrlchannel test case that is currently sending the data and
control part of the message in 2 steps, which can lead to the
recpient not seeing the whole message.
Add python-twisted as a build dependency to the rpm and Debian
builds and the .travis.yml.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Support added to receive data socket over control socket
As objected by QEMU upstream developers to use two different sockets for
starting/using of swtpm, This commit adds support for passing unix domain
socket over control channel.
The summary of the changes include:
- Defined new control command CMD_SET_DATAFD, using this clients can send data
socket.
- set mlp.fd and mlp.flags outside of the mainloop
- updated the testcases
Stefan Berger [Tue, 18 Jul 2017 21:02:59 +0000 (17:02 -0400)]
Fix possible illegal buffer access
Fix possible illegal buffer access in case a character device
is used via ioctl. In this case we have to make sure we only
access the number of bytes in the ioctl structure itself.
In case of a socket, make sure we received enough bytes to
be able to access the payload.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Thu, 15 Jun 2017 17:14:17 +0000 (13:14 -0400)]
tests: add functions for running swtpm and swtpm_ioctl
To be able to run tests with either one of the interfaces, add function
for running swtpm and swtpm_ioctl commands and form the command line
parameters dependent on the type of interface being passed. We rely on
environment variables to provide the specific parameters that are needed
to run the program with the appropriate parameters.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Mon, 10 Jul 2017 14:29:10 +0000 (10:29 -0400)]
Introduce '--flag not-need-init' for socket and chardev
Change the startup behavior with respect to requiring an INIT command
via control channel. We change this for the socket and chardev
interfaces so that the behavior now is the same as that of the CUSE
interface.
Introduce the --flag not-need-init command line option for the socket
and chardev interfaces to allow the old behavior using this option.
Adapt some of the test cases and swtpm_setup.sh.in that now need this
command line flag.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Sun, 9 Jul 2017 15:20:16 +0000 (11:20 -0400)]
Fix return code for ResetEstablishmentBit
If the return code from the command processing function is 0,
get the error code from the command response and return that one
instead. The problem was that clients though resetting the
establishment bit worked in locality 0 for example, while it did
not.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Stefan Berger [Fri, 30 Jun 2017 19:52:32 +0000 (15:52 -0400)]
swtpm_ioctl: fix ctrlcmd return parameter and fix state recv logic
Return the number of bytes received in case ctrlcmd does not
use an ioctl because in this case we need to know how many bytes
we received in the response.
The receiving of the state blob also needs to take into account
how many bytes were received in the initial response so we write
the proper amount of bytes from that response into the file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>