tests: Run tests also on socket interfaces

Refactor the tests so that they all run on socket interfaces as well.

Use socket ports in the range of 65400-65499 for TPM 1.2 tests.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

tests/Makefile.am

@@ -15,7 +15,6 @@ TESTS += \
 	test_ctrlchannel2
 endif
 
-if WITH_CUSE
 TESTS += \
 	test_encrypted_state \
 	test_getcap \
@@ -24,16 +23,12 @@ TESTS += \
 	test_init \
 	test_locality \
 	test_migration_key \
-	test_migration_key_2 \
 	test_resume_volatile \
 	test_save_load_encrypted_state \
-	test_save_load_encrypted_state_2 \
 	test_save_load_state \
-	test_save_load_state_2 \
-	test_swtpm_bios \
 	test_volatilestate \
+	test_swtpm_bios \
 	test_wrongorder
-endif
 
 if WITH_SWTPM_SETUP
 TESTS += \

tests/_test_encrypted_state

@@ -0,0 +1,266 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-encrypted-state"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+KEY=1234567890abcdef1234567890abcdef
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+keyfile=$(mktemp)
+logfile=$(mktemp)
+echo "$KEY" > $keyfile
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -f $keyfile $logfile
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} \
+	--key file=$keyfile,mode=aes-cbc,format=hex \
+	--log file=$logfile
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Hash command did not work."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Saving the volatile state failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ "$tmp" != " 0x1" ]; then
+	echo "Error: Unexpected configuration flags: $tmp; expected 0x1."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Start the TPM again; have the keyfile removed
+run_swtpm ${SWTPM_INTERFACE} \
+	--key file=$keyfile,mode=aes-cbc,format=hex,remove \
+	--log file=$logfile
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error (2): ${SWTPM_INTERFACE} TPM did not start."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ -r $keyfile ]; then
+	echo "Error: Keyfile $keyfile was not removed by swtpm_cuse."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Saving the volatile state failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Send a new TPM_Init
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+
+# Final shut down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_getcap

@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-getcap"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE}
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Get the capabilities flags from the TPM
+act=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -c)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the capability flags of the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after getting capabilities."
+	exit 1
+fi
+
+exp="ptm capability is 0x([[:xdigit:]]+)"
+if ! [[ "$act" =~ ^${exp}$ ]]; then
+	echo "Error: Expected string following regular expression '$exp' from ioctl tool but got '$act'."
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_hashing

@@ -0,0 +1,187 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-hashing"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit before the hashing
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag."
+	exit 1
+fi
+exp='tpmEstablished is 0'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (1): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Hash command did not work."
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit after the hashing
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag."
+	exit 1
+fi
+exp='tpmEstablished is 1'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (2): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Reset the establishment bit via locality 3
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 3
+if [ $? -ne -0 ]; then
+	echo "Error: Could not set locality 3"
+	exit 1
+fi
+
+# \x40 or \x0B seems to confuse 'normal' echo
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0A\x40\x00\x00\x0B')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Could not reset the establishment bit"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit after the reset
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag."
+	exit 1
+fi
+exp='tpmEstablished is 0'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (3): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# back to locality 0
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+if [ $? -ne 0 ]; then
+	echo "Error: Could not set locality 0."
+	exit 1
+fi
+
+# Read from a file
+dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
+	run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_hashing2

@@ -0,0 +1,213 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-hashing2"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit before the hashing
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+exp='tpmEstablished is 0'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (1): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Hash command did not work."
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit after the hashing
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+exp='tpmEstablished is 1'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (2): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Reset the establishment bit; we switch to locality 0 and reset via locality 3
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+if [ $? -ne 0 ]; then
+	echo "Error: Could not set locality 0"
+	exit 1
+fi
+
+for ((l = 0; l <= 2; l++)); do
+	# Resetting via locality 2 must fail
+	run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l
+	if [ $? -eq 0 ]; then
+		echo "Error: Could reset the establishment bit via locality $l"
+		exit 1
+	fi
+done
+
+# We expect the same results for the TPM_ResetEstablishment command
+for ((l = 0; l <= 2; l++)); do
+	# Set locality
+	run_swtpm_ioctl ${SWTPM_INTERFACE} -l $l
+	if [ $? -ne 0 ]; then
+		echo "Error: Could not choose locality $l"
+		exit 1
+	fi
+	# Have to use external echo command
+	swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
+	exp=' 00 c4 00 00 00 0a 00 00 00 3d'
+	if [ "$RES" != "$exp" ]; then
+		echo "Error: Could reset TPM establishment bit in locality $l using command"
+		echo "expected: $exp"
+		echo "received: $RES"
+		exit 1
+	fi
+done
+
+# Resetting via locality 3 must work
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 3
+if [ $? -ne 0 ]; then
+	echo "Error: Could not reset the establishment bit via locality 3"
+	exit 1
+fi
+
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Could reset TPM establishment bit in locality 3 using command"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit after the reset
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+exp='tpmEstablished is 0'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (3): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Read from a file
+dd if=/dev/zero bs=1024 count=1024 2>/dev/null |\
+	run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_init

@@ -0,0 +1,92 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-init"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+PID_FILE=$TPM_PATH/${SWTPM}.pid
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} --tpmstate dir=$TPM_PATH --pid file=$PID_FILE
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+if [ ! -r $PID_FILE ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
+	exit 1
+fi
+
+PIDF="$(cat $PID_FILE)"
+if [ "$PIDF" != "${SWTPM_PID}" ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_locality

@@ -0,0 +1,128 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-locality"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Set locality 4 on the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 4
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 4."
+	exit 1
+fi
+
+# Set illegal locality 5 on the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 5
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM accepted locality 5."
+	exit 1
+fi
+
+# Set locality 0 on the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 0."
+	exit 1
+fi
+
+# In locality 2 we can reset PCR 20
+run_swtpm_ioctl ${SWTPM_INTERFACE} -l 2
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 2."
+	exit 1
+fi
+
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Reset PCR 20
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Could not reset PCR 20 in locality 2"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Shut down TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_migration_key

@@ -0,0 +1,297 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+# set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="${VTPM_NAME:-vtpm-test-migration-key}"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+MIGRATION_PASSWORD="migration"
+VOLATILESTATE=${PWD}/${DIR}/data/migkey1/volatilestate.bin
+
+tpmstatedir=$(mktemp -d)
+if [ -z "$tpmstatedir" ]; then
+	echo "Could not create temporary directory."
+	exit 1
+fi
+
+migpwdfile=$(mktemp)
+if [ -z "$migpwdfile" ]; then
+	echo "Could not create temporary file."
+	exit 1
+fi
+echo -n "$MIGRATION_PASSWORD" > $migpwdfile
+
+volatilestatefile=$(mktemp)
+if [ -z "$volatilestatefile" ]; then
+	echo "Could not create temporary file."
+	exit 1
+fi
+
+SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $migpwdfile $volatilestatefile $tpmstatedir
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+# make a backup of the volatile state
+export TPM_PATH=$tpmstatedir
+cp ${PWD}/${DIR}/data/tpmstate1/* $TPM_PATH
+
+run_swtpm ${SWTPM_INTERFACE} --migration-key pwdfile=$migpwdfile,remove=false
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Read PCR 10
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Assert physical presence
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Create a big NVRAM Area with 4000 bytes (0xfa0)
+tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
+tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
+tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00'
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state into a file
+run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $volatilestatefile
+if [ $? -ne 0 ]; then
+	echo "Error: Could not save the volatile state to ${volatilestatefile}."
+	exit 1
+fi
+if [ ! -r $volatilestatefile ]; then
+	echo "Error: Volatile state file $volatilestatefile does not exist."
+	exit 1
+fi
+
+#ls -l $volatilestatefile
+size=$(stat -c%s $volatilestatefile)
+expsize=1290
+if [ $size -ne $expsize ]; then
+	echo "Error: Unexpected size of volatile state file."
+	echo "       Expected file with size of $expsize, found $size bytes."
+	exit 1
+fi
+
+hash=$(sha1sum $volatilestatefile | cut -f1 -d" ")
+exphash="bafa4b918745dee45537484f1a1089f9967b7df7"
+if [ "$hash" != "$exphash" ]; then
+	echo "Error: The checksum of the volatile state file is wrong."
+	echo "       Calculated: $hash"
+	echo "       Expected  : $exphash"
+	exit 1
+fi
+
+tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+if [ "$tmp" != " 0x2" ]; then
+	echo "Error: Unexpected configuration flags: $tmp; expected 0x2."
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+
+echo "Test 1: Ok"
+
+# Start the vTPM again and load the encrypted volatile state into it
+run_swtpm ${SWTPM_INTERFACE} --migration-key pwdfile=$migpwdfile,remove=false
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Do NOT init the TPM now; first load volatile state
+
+# load the encrypted volatile state into it
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
+if [ $? -ne 0 ]; then
+	echo "Error: Could not load encrypted volatile state into TPM."
+	exit 1
+fi
+
+# Now init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
+	exit 1
+fi
+
+# Read PCR 10
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+echo "Test 2: Ok"
+
+
+# Start the vTPM again and load the encrypted volatile state into it
+# This time we make this fail since we don't provide the migration key
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Do NOT init the TPM now; first load volatile state
+
+# load the encrypted volatile state into it
+# This will work; the TPM writes the data into the volatile state file
+# but doesn't vaidate it
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
+if [ $? -ne 0 ]; then
+	echo "Error: Could not load encrypted volatile state into TPM."
+	exit 1
+fi
+
+# Now init the TPM; this must fail since the volatile state does not
+# match with the integrity hash it is expecting to find
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -eq 0 ]; then
+	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM should have failed."
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+echo "Test 3: Ok"
+
+# In this test we now feed it an encrypted volatile state
+
+# Start the vTPM again and load the encrypted volatile state into it
+run_swtpm ${SWTPM_INTERFACE} --migration-key pwdfile=$migpwdfile,remove=true
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# load the encrypted volatile state into it
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $VOLATILESTATE
+if [ $? -ne 0 ]; then
+	echo "Error: Could not load encrypted volatile state into TPM."
+	exit 1
+fi
+
+# Now init the TPM; this must work
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+# Read PCR 10
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+echo "Test 4: Ok"

tests/_test_resume_volatile

@@ -0,0 +1,149 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-resume-volatile"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+
+tpmstatedir="$(mktemp -d)"
+if [ -z "$tpmstatedir" ]; then
+	echo "Could not create temporary directory"
+	exit 1
+fi
+
+SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $tpmstatedir
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+export TPM_PATH=$tpmstatedir
+
+# copy all the state files
+cp ${PWD}/${DIR}/data/tpmstate1/* ${TPM_PATH}
+
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Read PCR 10
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
+	exit 1
+fi
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+
+echo "Test 1: Ok"
+
+
+# 2nd test: with encrypted state
+# copy all the state files
+cp ${PWD}/${DIR}/data/tpmstate2/* ${TPM_PATH}
+
+run_swtpm ${SWTPM_INTERFACE} --key pwdfile=${PWD}/${DIR}/data/tpmstate2/pwdfile.txt
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Read PCR 10
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
+	exit 1
+fi
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+echo "Test 2: Ok"

tests/_test_save_load_encrypted_state

@@ -0,0 +1,306 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-encrypted-state}"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+KEY=1234567890abcdef1234567890abcdef
+MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
+MY_PERMANENT_STATE_FILE=$TPM_PATH/my.permanent
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+keyfile=$(mktemp)
+logfile=$(mktemp)
+echo "$KEY" > $keyfile
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -f $keyfile $logfile
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} \
+	--key file=$keyfile,mode=aes-cbc,format=hex \
+	--log file=$logfile
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Could not hash the data."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Assert physical presence
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Create a big NVRAM Area with 4000 bytes (0xfa0)
+tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
+tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
+tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00'
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+	echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Saved permanent state."
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Error: Could not write volatile state file $MY_PERMANENT_STATE_FILE."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Saved volatile state."
+
+ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
+sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
+
+# we will use our own volatile state
+rm -f $VOLATILE_STATE_FILE $STATE_FILE
+
+# Stop the TPM; this will not shut it down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+if [ $? -ne 0 ]; then
+	echo "Error (2): Could not stop the ${SWTPM_INTERFACE} TPM"
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# load state into the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Could not load permanent state into vTPM"
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Loaded permanent state."
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Could not load volatile state into vTPM"
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Loaded volatile state."
+
+#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
+#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "TPM Init failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Send a new TPM_Init
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Final shut down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_save_load_state

@@ -0,0 +1,304 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-state}"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
+MY_PERMANENT_STATE_FILE=$TPM_PATH/my.permanent
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+logfile=$(mktemp)
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -f $logfile
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} \
+	--log file=$logfile
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Hash command did not work."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Assert physical presence
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Create a big NVRAM Area with 4000 bytes (0xfa0)
+tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
+tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
+tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
+tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
+tmp+='\x00\x00\x00\x00\x00'
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+	echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Saved permanent state."
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Saved volatile state."
+
+#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
+#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
+
+# we will use our own volatile state
+rm -f $VOLATILE_STATE_FILE $STATE_FILE
+
+# Stop the TPM; this will not shut it down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+if [ $? -ne 0 ]; then
+	echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# load state into the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Could not load permanent state into vTPM"
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Loaded permanent state."
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+if [ $? -ne 0 ]; then
+	echo "Could not load volatile state into vTPM"
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+echo "Loaded volatile state."
+
+#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
+#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "TPM Init failed."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Send a new TPM_Init
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Final shut down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	echo "TPM Logfile:"
+	cat $logfile
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_swtpm_bios

@@ -0,0 +1,168 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+SWTPM_BIOS=$ROOT/src/swtpm_bios/swtpm_bios
+VTPM_NAME="vtpm-test-swtpm-bios"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+PID_FILE=$TPM_PATH/${SWTPM}.pid
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} --tpmstate dir=$TPM_PATH --pid file=$PID_FILE
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+if [ ! -r $PID_FILE ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
+	exit 1
+fi
+
+PIDF="$(cat $PID_FILE)"
+if [ "$PIDF" != "${SWTPM_PID}" ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# must work
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -o 2>&1)
+if [ $? -ne 0 ] || [ -n "$res" ]; then
+	echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+#  must work
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -cs 2>&1)
+if [ $? -ne 0 ] || [ -n "$res" ]; then
+	echo "Error: Could not self-test the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+#  must work
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+if [ $? -ne 0 ] || [ -n "$res" ]; then
+	echo "Error: Could not give up physical presence on the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+#  will NOT work -- we get error output in $res
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+ret=$?
+if [ $ret -eq 0 ] || [ -z "$res" ]; then
+	echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+if [ $ret -ne 128 ]; then
+	echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret."
+	exit 1
+fi
+
+#  will NOT work (wrong device) -- we get error output in $res
+res=$(TPM_DEVICE=/dev/${VTPM_NAME}123 ${SWTPM_BIOS} -n -u 2>&1)
+ret=$?
+if [ $ret -eq 0 ] || [ -z "$res" ]; then
+	echo "Error: Could give up physical presence on wrong device."
+	exit 1
+fi
+
+if [ $ret -ne 255 ]; then
+	echo "Error: Wrong return code from swtpm_bios. Should be 255, had $ret."
+	exit 1
+fi
+
+
+# RESET TPM
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+# must work
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -cs -u 2>&1)
+if [ $? -ne 0 ] || [ -n "$res" ]; then
+	echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+#  will NOT work -- we get error output in $res
+res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+ret=$?
+if [ $ret -eq 0 ] || [ -z "$res" ]; then
+	echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+if [ $ret -ne 128 ]; then
+	echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret."
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_volatilestate

@@ -0,0 +1,232 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-volatilestate"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+# Startup the TPM
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+exp=' 00 c4 00 00 00 0a 00 00 00 00'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+if [ $? -ne 0 ]; then
+	echo "Error: Hash command did not work."
+	exit 1
+fi
+
+# Read PCR 17
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check the TPM Established bit after the hashing
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+exp='tpmEstablished is 1'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (2): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
+	exit 1
+fi
+
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	exit 1
+fi
+
+# Shut the TPM down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+# Start the TPM again
+run_swtpm ${SWTPM_INTERFACE}
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check that the TPM Established bit is still set
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+exp='tpmEstablished is 1'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (2): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Save the volatile state again
+run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+if [ $? -ne 0 ]; then
+	echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
+	exit 1
+fi
+
+if [ ! -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
+	exit 1
+fi
+
+# Send a new TPM_Init
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+# Volatile state must have been removed by TPM now
+if [ -r $VOLATILE_STATE_FILE ]; then
+	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
+	exit 1
+fi
+
+# Read the PCR again ...
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Check that the TPM Established bit is still set
+RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+if [ $? -ne 0 ]; then
+	echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+exp='tpmEstablished is 1'
+if [ "$RES" != "$exp" ]; then
+	echo "Error (2): TPM Established flag has wrong value."
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+# Final shut down
+exec 100>&-
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+echo "OK"
+
+exit 0

tests/_test_wrongorder

@@ -0,0 +1,125 @@
+#!/bin/bash
+
+# For the license, see the LICENSE file in the root directory.
+#set -x
+
+DIR=$(dirname "$0")
+ROOT=${DIR}/..
+VTPM_NAME="vtpm-test-wrongorder"
+SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
+export TPM_PATH=$(mktemp -d)
+STATE_FILE=$TPM_PATH/tpm-00.permall
+LOG_FILE=$TPM_PATH/tpm-00.log
+VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
+SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
+SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
+
+function cleanup()
+{
+	pid=${SWTPM_PID}
+	if [ -n "$pid" ]; then
+		kill -9 $pid
+	fi
+	rm -rf $TPM_PATH
+}
+
+trap "cleanup" EXIT
+
+[ "${SWTPM_INTERFACE}" == cuse ] && source ${DIR}/test_cuse
+source ${DIR}/common
+source ${DIR}/test_common
+
+rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+
+run_swtpm ${SWTPM_INTERFACE} --log file=$LOG_FILE,level=20
+
+ps aux | grep $SWTPM | grep -v grep
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
+	exit 1
+fi
+
+if [ "${SWTPM_INTERFACE}" != "cuse" ]; then
+	run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+	if [ $? -ne 0 ]; then
+		echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM"
+		exit 1
+	fi
+fi
+
+# Get the established bit before the TPM has been initialized
+# This should not work
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -e
+if [ $? -eq 0 ]; then
+	echo "Error: Could get established bit from ${SWTPM_INTERFACE} TPM before init."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
+	exit 1
+fi
+
+
+# Read PCR 17 -- this should give a fatal error response
+swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+exp=' 00 c4 00 00 00 0a 00 00 00 09'
+if [ "$RES" != "$exp" ]; then
+	echo "Error: Did not get expected result from TPM_PCRRead(17)"
+	echo "expected: $exp"
+	echo "received: $RES"
+	exit 1
+fi
+
+exec 100>&-
+
+kill -0 ${SWTPM_PID}
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
+	exit 1
+fi
+
+# Init the TPM
+run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+if [ $? -ne 0 ]; then
+	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -ne 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
+	exit 1
+fi
+
+run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+if [ $? -ne 0 ]; then
+	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
+	exit 1
+fi
+
+sleep 0.5
+
+kill -0 ${SWTPM_PID} 2>/dev/null
+if [ $? -eq 0 ]; then
+	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
+	exit 1
+fi
+
+if [ ! -e $STATE_FILE ]; then
+	echo "Error: TPM state file $STATE_FILE does not exist."
+	exit 1
+fi
+
+check_logfile_patterns_level_20 $LOG_FILE
+rm -f $LOG_FILE
+
+echo "OK"
+
+exit 0

tests/test_ctrlchannel

@@ -155,7 +155,7 @@ echo "OK"
 
 # use a pseudo terminal
 $SWTPM_EXE socket \
-	--server port=65530,disconnect=true \
+	--server port=65430,disconnect=true \
 	--tpmstate dir=$TPMDIR \
 	--pid file=$PID_FILE \
 	--ctrl type=unixio,path=$SOCK_PATH \
@@ -168,7 +168,7 @@ fi
 
 PID="$(cat $PID_FILE)"
 
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 
 # Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
 res="$(unix_tx '\x00\x00\x00\x01')"
@@ -304,7 +304,7 @@ if [ "$res" != "$exp" ]; then
 fi
 
 # Read PCR 17
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
 RES=$(cat <&100 | od -t x1 -A n | tr -d "\n")
 exp=' 00 c4 00 00 00 1e 00 00 00 00 c4 e1 e1 c9 81 c0 cd b1 e0 43 df 97 20 72 f9 5d a9 ff 06 ff'
@@ -340,7 +340,7 @@ if [ "$res" != "$exp" ]; then
 fi
 
 # Read PCR 17 -- should fail now
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
 RES=$(cat <&100 | od -t x1 -A n | tr -d "\n")
 exp=' 00 c4 00 00 00 0a 00 00 00 09'
@@ -398,7 +398,7 @@ echo "OK"
 cp ${PWD}/${DIR}/data/tpmstate2/* ${TPMDIR}
 
 $SWTPM_EXE socket \
-	--server port=65530,disconnect=true \
+	--server port=65430,disconnect=true \
 	--tpmstate dir=$TPMDIR \
 	--pid file=$PID_FILE \
 	--ctrl type=unixio,path=$SOCK_PATH \
@@ -415,7 +415,7 @@ PID="$(cat $PID_FILE)"
 
 
 # Read PCR 10
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
@@ -469,7 +469,7 @@ echo "OK"
 rm -f $TPMDIR/*.volatilestate
 
 $SWTPM_EXE socket \
-	--server port=65530,disconnect=true \
+	--server port=65430,disconnect=true \
 	--tpmstate dir=$TPMDIR \
 	--pid file=$PID_FILE \
 	--ctrl type=unixio,path=$SOCK_PATH \
@@ -486,7 +486,7 @@ PID="$(cat $PID_FILE)"
 
 
 # Read PCR 10 -- this should fail now
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 0a 00 00 00 26'
@@ -535,7 +535,7 @@ fi
 
 
 # Read PCR 10 -- has to return same result as before
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
@@ -548,7 +548,7 @@ fi
 
 
 # Reset PCR 20 while in locality 0 -- should not work
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10' >&100
 RES=$(cat <&100 | od -t x1 -A n)
 exp=' 00 c4 00 00 00 0a 00 00 00 33'
@@ -571,7 +571,7 @@ if [ "$res" != "$exp" ]; then
 fi
 
 # Reset PCR 20 while in locality 2 -- has to work
-exec 100<>/dev/tcp/localhost/65530
+exec 100<>/dev/tcp/localhost/65430
 echo -en '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10' >&100
 RES=$(cat <&100 | od -t x1 -A n)
 exp=' 00 c4 00 00 00 0a 00 00 00 00'

tests/test_ctrlchannel2

@@ -118,7 +118,7 @@ echo "OK"
 # There are a few more tests here that require sending commands to the TPM
 
 # use a pseudo terminal
-$SWTPM_EXE socket --server port=65531,disconnect=true --tpmstate dir=$TPMDIR --pid file=$PID_FILE --ctrl type=unixio,path=$SOCK_PATH &
+$SWTPM_EXE socket --server port=65431,disconnect=true --tpmstate dir=$TPMDIR --pid file=$PID_FILE --ctrl type=unixio,path=$SOCK_PATH &
 
 if wait_for_file $PID_FILE 3; then
 	echo "Error: Socket TPM did not write pidfile."
@@ -127,7 +127,7 @@ fi
 
 PID="$(cat $PID_FILE)"
 
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 
 # Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
 act=$($SWTPM_IOCTL --unix $SOCK_PATH -c 2>&1)
@@ -230,7 +230,7 @@ if [ "$act" != "$exp" ]; then
 fi
 
 # Read PCR 17
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
 RES=$(cat <&100 | od -t x1 -A n | tr -d "\n")
 exp=' 00 c4 00 00 00 1e 00 00 00 00 f9 87 3e 96 6b 9e 46 c8 45 46 2d 1f f2 52 eb cc c1 9b df fd'
@@ -256,7 +256,7 @@ if [ $? -ne 0 ]; then
 fi
 
 # Read PCR 17 -- should fail now
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
 RES=$(cat <&100 | od -t x1 -A n | tr -d "\n")
 exp=' 00 c4 00 00 00 0a 00 00 00 09'
@@ -307,7 +307,7 @@ echo "OK"
 cp ${PWD}/${DIR}/data/tpmstate2/* ${TPMDIR}
 
 $SWTPM_EXE socket \
-	--server port=65531,disconnect=true \
+	--server port=65431,disconnect=true \
 	--tpmstate dir=$TPMDIR \
 	--pid file=$PID_FILE \
 	--ctrl type=unixio,path=$SOCK_PATH \
@@ -323,7 +323,7 @@ PID="$(cat $PID_FILE)"
 
 
 # Read PCR 10
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
@@ -365,7 +365,7 @@ fi
 rm -f $TPMDIR/*.volatilestate
 
 $SWTPM_EXE socket \
-	--server port=65531,disconnect=true \
+	--server port=65431,disconnect=true \
 	--tpmstate dir=$TPMDIR \
 	--pid file=$PID_FILE \
 	--ctrl type=unixio,path=$SOCK_PATH \
@@ -381,7 +381,7 @@ PID="$(cat $PID_FILE)"
 
 
 # Read PCR 10 -- this should fail now
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 0a 00 00 00 26'
@@ -415,7 +415,7 @@ if [ $? -ne 0 ]; then
 fi
 
 # Read PCR 10 -- has to return same result as before
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
 RES=$(cat <&100 | od -t x1 -A n -w128)
 exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
@@ -428,7 +428,7 @@ fi
 
 
 # Reset PCR 20 while in locality 0 -- should not work
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10' >&100
 RES=$(cat <&100 | od -t x1 -A n)
 exp=' 00 c4 00 00 00 0a 00 00 00 33'
@@ -448,7 +448,7 @@ if [ $? -ne 0 ]; then
 fi
 
 # Reset PCR 20 while in locality 2 -- has to work
-exec 100<>/dev/tcp/localhost/65531
+exec 100<>/dev/tcp/localhost/65431
 echo -en '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10' >&100
 RES=$(cat <&100 | od -t x1 -A n)
 exp=' 00 c4 00 00 00 0a 00 00 00 00'

tests/test_cuse

@@ -1,6 +1,16 @@
 
 # For the license, see the LICENSE file in the root directory.
 
+if ! [[ "$(uname -o)" =~ Linux ]]; then
+	echo "Need Linux to run test with CUSE interface."
+	exit 77
+fi
+
+if [ "$(id -u)" -ne 0 ]; then
+	echo "Need to be root to run test with CUSE interface."
+	exit 77
+fi
+
 if [ ! -c /dev/cuse ]; then
 	modprobe cuse
 	if [ $? -ne 0 ]; then

tests/test_encrypted_state

@@ -1,274 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-encrypted-state"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
-KEY=1234567890abcdef1234567890abcdef
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65400
+export SWTPM_CTRL_PORT=65401
+bash _test_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-keyfile=$(mktemp)
-logfile=$(mktemp)
-echo "$KEY" > $keyfile
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65400
+bash _test_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -f $keyfile $logfile
-	rm -rf $TPM_PATH
-}
-
-trap "cleanup" EXIT
-
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME --key file=$keyfile,mode=aes-cbc,format=hex \
-	--log file=$logfile
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Hash command did not work."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Saving the volatile state failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-tmp=$($CUSE_TPM_IOCTL -g /dev/$VTPM_NAME | cut -d":" -f2)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the configration flags of the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ "$tmp" != " 0x1" ]; then
-	echo "Error: Unexpected configuration flags: $tmp; expected 0x1."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Start the TPM again; have the keyfile removed
-$SWTPM_EXE -n $VTPM_NAME --key file=$keyfile,mode=aes-cbc,format=hex,remove \
-	--log file=$logfile
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error (2): CUSE TPM did not start."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ -r $keyfile ]; then
-	echo "Error: Keyfile $keyfile was not removed by swtpm_cuse."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Saving the volatile state failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Send a new TPM_Init
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-
-# Final shut down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_getcap

@@ -1,103 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_getcap
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-getcap"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_getcap
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65402
+export SWTPM_CTRL_PORT=65403
+bash _test_getcap
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65402
+bash _test_getcap
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-ls -l /dev/vtpm*
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Get the capabilities flags from the TPM
-act=$($CUSE_TPM_IOCTL -c /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the capability flags of the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after getting capabilities."
-	exit 1
-fi
-
-exp="ptm capability is 0x([[:xdigit:]]+)"
-if ! [[ "$act" =~ ^${exp}$ ]]; then
-	echo "Error: Expected string following regular expression '$exp' from ioctl tool but got '$act'."
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_getcap
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_hashing

@@ -1,198 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_hashing
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-hashing"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_hashing
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65404
+export SWTPM_CTRL_PORT=65405
+bash _test_hashing
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65404
+bash _test_hashing
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit before the hashing
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag."
-	exit 1
-fi
-exp='tpmEstablished is 0'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (1): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Hash command did not work."
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit after the hashing
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag."
-	exit 1
-fi
-exp='tpmEstablished is 1'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Reset the establishment bit via locality 3
-$CUSE_TPM_IOCTL -l 3 /dev/$VTPM_NAME
-if [ $? -ne -0 ]; then
-	echo "Error: Could not set locality 3"
-	exit 1
-fi
-
-ECHO=$(which echo)
-if [ -z "$ECHO" ]; then
-	echo "Could not find NON-bash builtin echo tool."
-	exit 1
-fi
-# \x40 or \x0B seems to confuse 'normal' echo
-$ECHO -en '\x00\xC1\x00\x00\x00\x0A\x40\x00\x00\x0B' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Could not reset the establishment bit"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit after the reset
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag."
-	exit 1
-fi
-exp='tpmEstablished is 0'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (3): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# back to locality 0
-$CUSE_TPM_IOCTL -l 0 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not set locality 0."
-	exit 1
-fi
-
-# Read from a file
-dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
-	$CUSE_TPM_IOCTL -h - /dev/$VTPM_NAME
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_hashing
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_hashing2

@@ -1,226 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_hashing2
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-hashing2"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_hashing2
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65406
+export SWTPM_CTRL_PORT=65407
+bash _test_hashing2
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65406
+bash _test_hashing2
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit before the hashing
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag from the CUSE TPM."
-	exit 1
-fi
-exp='tpmEstablished is 0'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (1): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Hash command did not work."
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit after the hashing
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag from the CUSE TPM."
-	exit 1
-fi
-exp='tpmEstablished is 1'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Reset the establishment bit; we switch to locality 0 and reset via locality 3
-$CUSE_TPM_IOCTL -l 0 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not set locality 0"
-	exit 1
-fi
-
-for ((l = 0; l <= 2; l++)); do
-	# Resetting via locality 2 must fail
-	$CUSE_TPM_IOCTL -r $l /dev/$VTPM_NAME
-	if [ $? -eq 0 ]; then
-		echo "Error: Could reset the establishment bit via locality $l"
-		exit 1
-	fi
-done
-
-ECHO=$(which echo)
-if [ -z "$ECHO" ]; then
-	echo "Error: Could not find echo tool."
-	exit 1
-fi
-
-# We expect the same results for the TPM_ResetEstablishment command
-for ((l = 0; l <= 2; l++)); do
-	# Set locality
-	$CUSE_TPM_IOCTL -l $l /dev/$VTPM_NAME
-	if [ $? -ne 0 ]; then
-		echo "Error: Could not choose locality $l"
-		exit 1
-	fi
-	# Have to use external echo command
-	$ECHO -en '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b' >&100
-	RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-	exp=' 00 c4 00 00 00 0a 00 00 00 3d'
-	if [ "$RES" != "$exp" ]; then
-		echo "Error: Could reset TPM establishment bit in locality $l using command"
-		echo "expected: $exp"
-		echo "received: $RES"
-		exit 1
-	fi
-done
-
-# Resetting via locality 3 must work
-$CUSE_TPM_IOCTL -l 3 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not reset the establishment bit via locality 3"
-	exit 1
-fi
-
-# Have to use external echo command
-$ECHO -en '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Could reset TPM establishment bit in locality 3 using command"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit after the reset
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-exp='tpmEstablished is 0'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (3): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Read from a file
-dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
-	$CUSE_TPM_IOCTL -h - /dev/$VTPM_NAME
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_hashing2
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_init

@@ -1,96 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_init
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-init"
-TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
-PID_FILE=$TPM_PATH/${SWTPM}.pid
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_init
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65408
+export SWTPM_CTRL_PORT=65409
+bash _test_init
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65408
+bash _test_init
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE --tpmstate dir=$TPM_PATH --pid file=$PID_FILE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-if [ ! -r $PID_FILE ]; then
-	echo "Error: CUSE TPM did not write pidfile."
-	exit 1
-fi
-
-PIDF="$(cat $PID_FILE)"
-if [ "$PIDF" != "$PID" ]; then
-	echo "Error: CUSE TPM wrote pid $PIDF, but found $PID."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_init
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_locality

@@ -1,306 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_locality
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-locality"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_locality
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65410
+export SWTPM_CTRL_PORT=65411
+bash _test_locality
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65410
+bash _test_locality
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Set locality 4 on the TPM
-$CUSE_TPM_IOCTL -l 4 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not accept locality 4."
-	exit 1
-fi
-
-# Set locality 4 via command -- this must fail (TPM_FAIL)
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xc1\x00\x00\x00\x0b\x20\x00\x10\x00\x04' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 09'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): Did not get expected result from SetLocality 4 command"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Set locality 3 via command -- this must fail (TPM_FAIL)
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xc1\x00\x00\x00\x0b\x20\x00\x10\x00\x03' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 09'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): Did not get expected result from SetLocality 3 command"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Set illegal locality 5 on the TPM
-$CUSE_TPM_IOCTL -l 5 /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM accepted locality 5."
-	exit 1
-fi
-
-# Set locality 0 on the TPM
-$CUSE_TPM_IOCTL -l 0 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not accept locality 0."
-	exit 1
-fi
-
-# In locality 2 we can reset PCR 20
-$CUSE_TPM_IOCTL -l 2 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not accept locality 2."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-# Startup the TPM
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Reset PCR 20
-echo -en '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Could not reset PCR 20 in locality 2"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Shut down TPM
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
-
-
-$SWTPM_EXE --locality reject-locality-4 -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Set locality 4 on the TPM -- this must fail now
-$CUSE_TPM_IOCTL -l 4 /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM MUST NOT accept locality 4."
-	exit 1
-fi
-
-# Set illegal locality 5 on the TPM
-$CUSE_TPM_IOCTL -l 5 /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM accepted locality 5."
-	exit 1
-fi
-
-# Shut down TPM
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
-
-#
-# Allow setting of locality via command
-#
-$SWTPM_EXE --locality reject-locality-4,allow-set-locality -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Set locality 4 on the TPM -- this must fail now
-$CUSE_TPM_IOCTL -l 4 /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM MUST NOT accept locality 4."
-	exit 1
-fi
-
-# Set locality 4 via command -- this must fail (BAD LOCALITY)
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xc1\x00\x00\x00\x0b\x20\x00\x10\x00\x04' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 3d'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (3): Did not get expected result from SetLocality 4 command"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Set locality 3 via command -- this must work
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xc1\x00\x00\x00\x0b\x20\x00\x10\x00\x03' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): Did not get expected result from SetLocality 3 command"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Set illegal locality 5 on the TPM
-$CUSE_TPM_IOCTL -l 5 /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM accepted locality 5."
-	exit 1
-fi
-
-# Shut down TPM
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_locality
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_migration_key

@@ -1,319 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-# set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_migration_key
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="${VTPM_NAME:-vtpm-test-migration-key}"
-MIGRATION_PASSWORD="migration"
-VOLATILESTATE=${PWD}/${DIR}/data/migkey1/volatilestate.bin
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_migration_key
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-tpmstatedir=$(mktemp -d)
-if [ -z "$tpmstatedir" ]; then
-	echo "Could not create temporary directory."
-	exit 1
-fi
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65412
+export SWTPM_CTRL_PORT=65413
+bash _test_migration_key
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-migpwdfile=$(mktemp)
-if [ -z "$migpwdfile" ]; then
-	echo "Could not create temporary file."
-	exit 1
-fi
-echo -n "$MIGRATION_PASSWORD" > $migpwdfile
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65412
+bash _test_migration_key
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-volatilestatefile=$(mktemp)
-if [ -z "$volatilestatefile" ]; then
-	echo "Could not create temporary file."
-	exit 1
-fi
+export SWTPM_INTERFACE=unix+unix
+bash _test_migration_key
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $migpwdfile $volatilestatefile $tpmstatedir
-}
-
-trap "cleanup" EXIT
-
-source ${DIR}/test_cuse
-
-# make a backup of the volatile state
-export TPM_PATH=$tpmstatedir
-cp ${PWD}/${DIR}/data/tpmstate1/* $TPM_PATH
-
-$SWTPM_EXE --migration-key pwdfile=$migpwdfile,remove=false -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Initializing the CUSE TPM failed."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-ECHO=$(which echo)
-if [ -z "$ECHO" ]; then
-	echo "Could not find NON-bash builtin echo tool."
-	exit 1
-fi
-
-# Read PCR 10
-$ECHO -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Assert physical presence
-$ECHO -en '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Create a big NVRAM Area with 4000 bytes (0xfa0)
-tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
-tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
-tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00'
-$ECHO -en $tmp >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state into a file
-$CUSE_TPM_IOCTL --save volatile $volatilestatefile /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not save the volatile state to ${volatilestatefile}."
-	exit 1
-fi
-if [ ! -r $volatilestatefile ]; then
-	echo "Error: Volatile state file $volatilestatefile does not exist."
-	exit 1
-fi
-
-#ls -l $volatilestatefile
-size=$(stat -c%s $volatilestatefile)
-expsize=1290
-if [ $size -ne $expsize ]; then
-	echo "Error: Unexpected size of volatile state file."
-	echo "       Expected file with size of $expsize, found $size bytes."
-	exit 1
-fi
-
-hash=$(sha1sum $volatilestatefile | cut -f1 -d" ")
-exphash="bafa4b918745dee45537484f1a1089f9967b7df7"
-if [ "$hash" != "$exphash" ]; then
-	echo "Error: The checksum of the volatile state file is wrong."
-	echo "       Calculated: $hash"
-	echo "       Expected  : $exphash"
-	exit 1
-fi
-
-tmp=$($CUSE_TPM_IOCTL -g /dev/$VTPM_NAME | cut -d":" -f2)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the configration flags of the CUSE TPM."
-	exit 1
-fi
-
-if [ "$tmp" != " 0x2" ]; then
-	echo "Error: Unexpected configuration flags: $tmp; expected 0x2."
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-
-echo "Test 1: Ok"
-
-# Start the vTPM again and load the encrypted volatile state into it
-$SWTPM_EXE --migration-key pwdfile=$migpwdfile,remove=false -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Do NOT init the TPM now; first load volatile state
-
-# load the encrypted volatile state into it
-$CUSE_TPM_IOCTL --load volatile $volatilestatefile /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not load encrypted volatile state into TPM."
-	exit 1
-fi
-
-# Now init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Initializing the CUSE TPM failed."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-# Read PCR 10
-$ECHO -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-echo "Test 2: Ok"
-
-
-# Start the vTPM again and load the encrypted volatile state into it
-# This time we make this fail since we don't provide the migration key
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Do NOT init the TPM now; first load volatile state
-
-# load the encrypted volatile state into it
-# This will work; the TPM writes the data into the volatile state file
-# but doesn't vaidate it
-$CUSE_TPM_IOCTL --load volatile $volatilestatefile /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not load encrypted volatile state into TPM."
-	exit 1
-fi
-
-# Now init the TPM; this must fail since the volatile state does not
-# match with the integrity hash it is expecting to find
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: Initializing the CUSE TPM should have failed."
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-echo "Test 3: Ok"
-
-# In this test we now feed it an encrypted volatile state
-
-# Start the vTPM again and load the encrypted volatile state into it
-$SWTPM_EXE --migration-key pwdfile=$migpwdfile,remove=true -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# load the encrypted volatile state into it
-$CUSE_TPM_IOCTL --load volatile $VOLATILESTATE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not load encrypted volatile state into TPM."
-	exit 1
-fi
-
-# Now init the TPM; this must work
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-# Read PCR 10
-$ECHO -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-echo "Test 4: Ok"
+exit 0

tests/test_resume_volatile

@@ -1,165 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_resume_volatile
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-resume-volatile"
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_resume_volatile
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-tpmstatedir="$(mktemp -d)"
-if [ -z "$tpmstatedir" ]; then
-	echo "Could not create temporary directory"
-	exit 1
-fi
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65414
+export SWTPM_CTRL_PORT=65415
+bash _test_resume_volatile
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $tpmstatedir
-}
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65414
+bash _test_resume_volatile
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=unix+unix
+bash _test_resume_volatile
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-export TPM_PATH=$tpmstatedir
-
-# copy all the state files
-cp ${PWD}/${DIR}/data/tpmstate1/* ${TPM_PATH}
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-ECHO=$(which echo)
-if [ -z "$ECHO" ]; then
-	echo "Could not find NON-bash builtin echo tool."
-	exit 1
-fi
-
-# Read PCR 10
-$ECHO -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
-	exit 1
-fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-
-echo "Test 1: Ok"
-
-
-# 2nd test: with encrypted state
-# copy all the state files
-cp ${PWD}/${DIR}/data/tpmstate2/* ${TPM_PATH}
-
-$SWTPM_EXE -n $VTPM_NAME --key pwdfile=${PWD}/${DIR}/data/tpmstate2/pwdfile.txt
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-exec 100<>/dev/$VTPM_NAME
-
-# Read PCR 10
-$ECHO -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
-	exit 1
-fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-echo "Test 2: Ok"
+exit 0

tests/test_save_load_encrypted_state

@@ -1,313 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_save_load_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-encrypted-state}"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
-KEY=1234567890abcdef1234567890abcdef
-MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
-MY_PERMANENT_STATE_FILE=$TPM_PATH/my.permanent
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_save_load_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-keyfile=$(mktemp)
-logfile=$(mktemp)
-echo "$KEY" > $keyfile
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65416
+export SWTPM_CTRL_PORT=65417
+bash _test_save_load_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -f $keyfile $logfile
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65416
+bash _test_save_load_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
-
-ECHO=`which echo`
-if [ -z "$ECHO" ]; then
-	echo "Error: Could not find external echo tool."
-	exit 1
-fi
-
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME --key file=$keyfile,mode=aes-cbc,format=hex \
-	--log file=$logfile
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not hash the data."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Assert physical presence
-$ECHO -en '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Create a big NVRAM Area with 4000 bytes (0xfa0)
-tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
-tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
-tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00'
-$ECHO -en $tmp >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL --save permanent $MY_PERMANENT_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
-	echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Saved permanent state."
-
-$CUSE_TPM_IOCTL --save volatile $MY_VOLATILE_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not write volatile state file $MY_PERMANENT_STATE_FILE."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Saved volatile state."
-
-ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
-sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
-
-# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
-
-# Stop the TPM; this will not shut it down
-exec 100>&-
-$CUSE_TPM_IOCTL --stop /dev/$VTPM_NAME
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error (2): CUSE TPM is not running anymore."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# load state into the TPM
-$CUSE_TPM_IOCTL --load permanent $MY_PERMANENT_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Could not load permanent state into vTPM"
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Loaded permanent state."
-
-$CUSE_TPM_IOCTL --load volatile $MY_VOLATILE_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Could not load volatile state into vTPM"
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Loaded volatile state."
-
-#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
-#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "TPM Init failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM write the volatile state to a file."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Send a new TPM_Init
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM initialization failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Final shut down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_save_load_encrypted_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_save_load_encrypted_state_2

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-# Run the test_save_load_encrypted_state with swtpm_ioctl using the
-# read/write interface rather than ioctl
-export VTPM_NAME="vtpm-test2-save-load-encrypted-state"
-cd "$(dirname "$0")"
-
-export SWTPM_IOCTL_BUFFERSIZE=100
-bash test_save_load_encrypted_state
-ret=$?
-[ $ret -ne 0 ] && exit $ret
-
-export SWTPM_IOCTL_BUFFERSIZE=4096
-bash test_save_load_encrypted_state
-ret=$?
-[ $ret -ne 0 ] && exit $ret
-
-exit 0

tests/test_save_load_state

@@ -1,318 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_save_load_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-state}"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
-MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
-MY_PERMANENT_STATE_FILE=$TPM_PATH/my.permanent
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_save_load_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-logfile=$(mktemp)
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65418
+export SWTPM_CTRL_PORT=65419
+bash _test_save_load_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -f $logfile
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65418
+bash _test_save_load_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
-
-ECHO=`which echo`
-if [ -z "$ECHO" ]; then
-	echo "Error: Could not find external echo tool."
-	exit 1
-fi
-
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME \
-	--log file=$logfile
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME " | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Hash command did not work."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Assert physical presence
-$ECHO -en '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Create a big NVRAM Area with 4000 bytes (0xfa0)
-tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
-tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
-tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
-tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
-tmp+='\x00\x00\x00\x00\x00'
-$ECHO -en $tmp >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL --save permanent $MY_PERMANENT_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
-	echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Saved permanent state."
-
-$CUSE_TPM_IOCTL --save volatile $MY_VOLATILE_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Saved volatile state."
-
-#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
-#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
-
-# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
-
-# Stop the TPM; this will not shut it down
-exec 100>&-
-$CUSE_TPM_IOCTL --stop /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not stop the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error (2): CUSE TPM is not running anymore."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# load state into the TPM
-$CUSE_TPM_IOCTL --load permanent $MY_PERMANENT_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Could not load permanent state into vTPM"
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Loaded permanent state."
-
-$CUSE_TPM_IOCTL --load volatile $MY_VOLATILE_STATE_FILE /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Could not load volatile state into vTPM"
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-echo "Loaded volatile state."
-
-#ls -l $(dirname $MY_VOLATILE_STATE_FILE)/*
-#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "TPM Init failed."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM store the volatile state to a file."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Send a new TPM_Init
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Final shut down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	echo "TPM Logfile:"
-	cat $logfile
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_save_load_state
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_save_load_state_2

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-# Run the test_save_load_encrypted_state with swtpm_ioctl using the
-# read/write interface rather than ioctl
-export VTPM_NAME="vtpm-test2-save-load-state"
-cd "$(dirname "$0")"
-
-export SWTPM_IOCTL_BUFFERSIZE=100
-bash test_save_load_encrypted_state
-ret=$?
-[ $ret -ne 0 ] && exit $ret
-
-export SWTPM_IOCTL_BUFFERSIZE=4096
-bash test_save_load_encrypted_state
-ret=$?
-[ $ret -ne 0 ] && exit $ret
-
-exit 0

tests/test_swtpm_bios

@@ -1,175 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
-
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-SWTPM_BIOS=$ROOT/src/swtpm_bios/swtpm_bios
-VTPM_NAME="vtpm-test-swtpm-bios"
-TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
-PID_FILE=$TPM_PATH/${SWTPM}.pid
-
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
-
-trap "cleanup" EXIT
-
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE --tpmstate dir=$TPM_PATH --pid file=$PID_FILE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-if [ ! -r $PID_FILE ]; then
-	echo "Error: CUSE TPM did not write pidfile."
-	exit 1
-fi
-
-PIDF="$(cat $PID_FILE)"
-if [ "$PIDF" != "$PID" ]; then
-	echo "Error: CUSE TPM wrote pid $PIDF, but found $PID."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# must work
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -o 2>&1)
-if [ $? -ne 0 ] || [ -n "$res" ]; then
-	echo "Error: Could not startup the CUSE TPM."
-	exit 1
-fi
-
-#  must work
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -n -cs 2>&1)
-if [ $? -ne 0 ] || [ -n "$res" ]; then
-	echo "Error: Could not self-test the CUSE TPM."
-	exit 1
-fi
-
-#  must work
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -n -u 2>&1)
-if [ $? -ne 0 ] || [ -n "$res" ]; then
-	echo "Error: Could not give up physical presence on the CUSE TPM."
-	exit 1
-fi
-
-#  will NOT work -- we get error output in $res
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -n -u 2>&1)
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_swtpm_bios
 ret=$?
-if [ $ret -eq 0 ] || [ -z "$res" ]; then
-	echo "Error: Could give up physical presence on the CUSE TPM."
-	exit 1
-fi
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-if [ $ret -ne 128 ]; then
-	echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret."
-	exit 1
-fi
-
-#  will NOT work (wrong device) -- we get error output in $res
-res=$(TPM_DEVICE=/dev/${VTPM_NAME}123 $SWTPM_BIOS -n -u 2>&1)
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_swtpm_bios
 ret=$?
-if [ $ret -eq 0 ] || [ -z "$res" ]; then
-	echo "Error: Could give up physical presence on wrong device."
-	exit 1
-fi
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-if [ $ret -ne 255 ]; then
-	echo "Error: Wrong return code from swtpm_bios. Should be 255, had $ret."
-	exit 1
-fi
-
-
-# RESET TPM
-
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-# must work
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -cs -u 2>&1)
-if [ $? -ne 0 ] || [ -n "$res" ]; then
-	echo "Error: Could not startup the CUSE TPM."
-	exit 1
-fi
-
-#  will NOT work -- we get error output in $res
-res=$(TPM_DEVICE=/dev/$VTPM_NAME $SWTPM_BIOS -n -u 2>&1)
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65424
+export SWTPM_CTRL_PORT=65425
+bash _test_swtpm_bios
 ret=$?
-if [ $ret -eq 0 ] || [ -z "$res" ]; then
-	echo "Error: Could give up physical presence on the CUSE TPM."
-	exit 1
-fi
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-if [ $ret -ne 128 ]; then
-	echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret."
-	exit 1
-fi
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65424
+bash _test_swtpm_bios
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_swtpm_bios
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_volatilestate

@@ -1,242 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_volatilestate
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-volatilestate"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_volatilestate
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65420
+export SWTPM_CTRL_PORT=65421
+bash _test_volatilestate
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65420
+bash _test_volatilestate
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-# Startup the TPM
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n)
-exp=' 00 c4 00 00 00 0a 00 00 00 00'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -h 1234 /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Hash command did not work."
-	exit 1
-fi
-
-# Read PCR 17
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check the TPM Established bit after the hashing
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-exp='tpmEstablished is 1'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM store the volatile state to a file."
-	exit 1
-fi
-
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	exit 1
-fi
-
-# Shut the TPM down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-# Start the TPM again
-$SWTPM_EXE -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep $VTPM_NAME | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check that the TPM Established bit is still set
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-exp='tpmEstablished is 1'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Save the volatile state again
-$CUSE_TPM_IOCTL -v /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not have the CUSE TPM store the volatile state to a file."
-	exit 1
-fi
-
-if [ ! -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
-	exit 1
-fi
-
-# Send a new TPM_Init
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
-	echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
-	exit 1
-fi
-
-# Read the PCR again ...
-exec 100<>/dev/$VTPM_NAME
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Check that the TPM Established bit is still set
-RES=$($CUSE_TPM_IOCTL -e /dev/$VTPM_NAME)
-if [ $? -ne 0 ]; then
-	echo "Error: Could not get the TPM Established flag from the CUSE TPM."
-	exit 1
-fi
-exp='tpmEstablished is 1'
-if [ "$RES" != "$exp" ]; then
-	echo "Error (2): TPM Established flag has wrong value."
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-# Finale shut down
-exec 100>&-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_volatilestate
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0

tests/test_wrongorder

@@ -1,124 +1,37 @@
 #!/bin/bash
 
-# For the license, see the LICENSE file in the root directory.
-#set -x
+cd "$(dirname "$0")"
 
-if [ "$(id -u)" -ne 0 ]; then
-	echo "Need to be root to run this test."
-	exit 77
-fi
+export SWTPM_IOCTL_BUFFERSIZE=100
+export SWTPM_INTERFACE=cuse
+bash _test_wrongorder
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-DIR=$(dirname "$0")
-ROOT=${DIR}/..
-SWTPM=swtpm_cuse
-SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
-CUSE_TPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
-VTPM_NAME="vtpm-test-wrongorder"
-export TPM_PATH=$(mktemp -d)
-STATE_FILE=$TPM_PATH/tpm-00.permall
-LOG_FILE=$TPM_PATH/tpm-00.log
-VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
+export SWTPM_IOCTL_BUFFERSIZE=4096
+export SWTPM_INTERFACE=cuse
+bash _test_wrongorder
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-function cleanup()
-{
-	pid=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-	if [ -n "$pid" ]; then
-		kill -9 $pid
-	fi
-	rm -rf $TPM_PATH
-}
+export SWTPM_INTERFACE=socket+socket
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65422
+export SWTPM_CTRL_PORT=65423
+bash _test_wrongorder
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-trap "cleanup" EXIT
+export SWTPM_INTERFACE=socket+unix
+export SWTPM_SERVER_NAME=localhost
+export SWTPM_SERVER_PORT=65422
+bash _test_wrongorder
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
-source ${DIR}/test_cuse
-source ${DIR}/test_common
-
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
-
-$SWTPM_EXE --log file=$LOG_FILE,level=20 -n $VTPM_NAME
-sleep 0.5
-PID=$(ps aux | grep $SWTPM | grep -E "$VTPM_NAME\$" | gawk '{print $2}')
-
-ps aux | grep $SWTPM | grep -v grep
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM did not start."
-	exit 1
-fi
-
-# Get the established bit before the TPM has been initialized
-# This should not work
-
-$CUSE_TPM_IOCTL -e /dev/$VTPM_NAME
-if [ $? -eq 0 ]; then
-	echo "Error: Could get established bit from CUSE TPM before init."
-	exit 1
-fi
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM must have crashed."
-	exit 1
-fi
-
-# Open access to the TPM
-exec 100<>/dev/$VTPM_NAME
-
-# Read PCR 17 -- this should give a fatal error response
-echo -en '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11' >&100
-RES=$(dd if=/proc/self/fd/100 2>/dev/null | od -t x1 -A n -w128)
-exp=' 00 c4 00 00 00 0a 00 00 00 09'
-if [ "$RES" != "$exp" ]; then
-	echo "Error: Did not get expected result from TPM_PCRRead(17)"
-	echo "expected: $exp"
-	echo "received: $RES"
-	exit 1
-fi
-
-exec 100>&-
-
-kill -0 $PID
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM must have crashed."
-	exit 1
-fi
-
-# Init the TPM
-$CUSE_TPM_IOCTL -i /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not initialize the CUSE TPM."
-	exit 1
-fi
-
-kill -0 $PID 2>/dev/null
-if [ $? -ne 0 ]; then
-	echo "Error: CUSE TPM not running anymore after INIT."
-	exit 1
-fi
-
-$CUSE_TPM_IOCTL -s /dev/$VTPM_NAME
-if [ $? -ne 0 ]; then
-	echo "Error: Could not shut down the CUSE TPM."
-	exit 1
-fi
-
-sleep 0.5
-
-kill -0 $PID 2>/dev/null
-if [ $? -eq 0 ]; then
-	echo "Error: CUSE TPM should not be running anymore."
-	exit 1
-fi
-
-if [ ! -e $STATE_FILE ]; then
-	echo "Error: TPM state file $STATE_FILE does not exist."
-	exit 1
-fi
-
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
-
-echo "OK"
+export SWTPM_INTERFACE=unix+unix
+bash _test_wrongorder
+ret=$?
+[ $ret -ne 0  ] && [ $ret -ne 77 ] && exit $ret
 
 exit 0