From 7bc7b33b065bceeb2b0e35c19a0da3f746ce83b4 Mon Sep 17 00:00:00 2001 From: Stefan Reiter Date: Thu, 5 Aug 2021 14:14:15 +0200 Subject: [PATCH] swtpm: Add tests for "linear file" backend Adapt save_load_state tests to include coverage of the "linear file" backend mode. "tpm2" is save/load is tested with both a regular file and a loop device to excercise the blockdev mmap code. Signed-off-by: Stefan Reiter --- tests/Makefile.am | 2 ++ tests/_test_save_load_state | 28 ++++++++++++++++----- tests/test_save_load_state | 11 +++++++++ tests/test_tpm2_save_load_state_2 | 20 ++++++++++++--- tests/test_tpm2_save_load_state_2_block | 31 ++++++++++++++++++++++++ tests/test_tpm2_save_load_state_2_linear | 5 ++++ 6 files changed, 87 insertions(+), 10 deletions(-) create mode 100755 tests/test_tpm2_save_load_state_2_block create mode 100755 tests/test_tpm2_save_load_state_2_linear diff --git a/tests/Makefile.am b/tests/Makefile.am index ea0524f..f8bec57 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -63,6 +63,8 @@ TESTS += \ test_tpm2_save_load_encrypted_state \ test_tpm2_save_load_state \ test_tpm2_save_load_state_2 \ + test_tpm2_save_load_state_2_linear \ + test_tpm2_save_load_state_2_block \ test_tpm2_save_load_state_3 \ test_tpm2_save_load_state_da_timeout \ test_tpm2_setbuffersize \ diff --git a/tests/_test_save_load_state b/tests/_test_save_load_state index 1dc721c..0dfe48d 100755 --- a/tests/_test_save_load_state +++ b/tests/_test_save_load_state @@ -17,6 +17,12 @@ MY_SAVESTATE_STATE_FILE=$TPM_PATH/my.savestate SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse} +LINEAR_STATE_FILE=$TPM_PATH/linear-state +BACKEND_PARAM="" + +if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then + BACKEND_PARAM="--tpmstate backend-uri=file://$LINEAR_STATE_FILE" +fi logfile=$(mktemp) 
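Review bot: In tests/_test_save_load_state, `BACKEND_PARAM` packs an option and its value into one string and only works because `${BACKEND_PARAM}` is expanded unquoted in the `run_swtpm` call of the next hunk, so a `TPM_PATH` containing whitespace or glob characters would be split into extra arguments. The wrapper runs this script with `bash`, so an array would be sturdier: `BACKEND_PARAM=()`, then `BACKEND_PARAM=(--tpmstate "backend-uri=file://$LINEAR_STATE_FILE")`, and `"${BACKEND_PARAM[@]}"` at the call site. How `TPM_PATH` is created and how `run_swtpm` forwards its arguments are outside the hunk, so this is worth confirming against `common`.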
@@ -38,6 +44,7 @@ source ${TESTDIR}/common rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null run_swtpm ${SWTPM_INTERFACE} \ + ${BACKEND_PARAM} \ --log file=$logfile display_processes_by_name "$SWTPM" @@ -274,7 +281,7 @@ if [ $? -ne 0 ]; then exit 1 fi -if [ ! -r $VOLATILE_STATE_FILE ]; then +if [ ${SWTPM_TEST_LINEAR_FILE:-0} -eq 0 ] && [ ! -r $VOLATILE_STATE_FILE ]; then echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist." echo "TPM Logfile:" cat $logfile @@ -326,11 +333,20 @@ if wait_process_gone ${SWTPM_PID} 4; then exit 1 fi -if [ ! -e $STATE_FILE ]; then - echo "Error: TPM state file $STATE_FILE does not exist." - echo "TPM Logfile:" - cat $logfile - exit 1 +if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then + if [ ! -e $LINEAR_STATE_FILE ]; then + echo "Error: TPM state file $LINEAR_STATE_FILE does not exist." + echo "TPM Logfile:" + cat $logfile + exit 1 + fi +else + if [ ! -e $STATE_FILE ]; then + echo "Error: TPM state file $STATE_FILE does not exist." + echo "TPM Logfile:" + cat $logfile + exit 1 + fi fi echo "OK" diff --git a/tests/test_save_load_state b/tests/test_save_load_state index 41e3684..249c4b1 100755 --- a/tests/test_save_load_state +++ b/tests/test_save_load_state @@ -39,4 +39,15 @@ bash _test_save_load_state ret=$? [ $ret -ne 0 ] && [ $ret -ne 77 ] && exit $ret +echo "=== Testing with linear file backend ===" + +export SWTPM_INTERFACE=socket+socket +export SWTPM_SERVER_NAME=localhost +export SWTPM_SERVER_PORT=65418 +export SWTPM_CTRL_PORT=65419 +export SWTPM_TEST_LINEAR_FILE=1 +bash _test_save_load_state +ret=$? +[ $ret -ne 0 ] && [ $ret -ne 77 ] && exit $ret + exit 0 diff --git a/tests/test_tpm2_save_load_state_2 b/tests/test_tpm2_save_load_state_2 index ea0ee8a..84af9ba 100755 --- a/tests/test_tpm2_save_load_state_2 +++ b/tests/test_tpm2_save_load_state_2 
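Review bot: In the `-38,6 +44,7` hunk the pre-run cleanup on the context line `rm -f $STATE_FILE $VOLATILE_STATE_FILE` is not extended to `$LINEAR_STATE_FILE`, so in linear mode swtpm may start from a state file left behind by an earlier run. The final `[ ! -e $LINEAR_STATE_FILE ]` check in the `-326,11 +333,20` hunk would then pass on that stale file even if this run wrote nothing. Adding `$LINEAR_STATE_FILE` to that `rm -f` closes the gap; whether `TPM_PATH` is always a fresh directory is not visible here. The `-274,7 +281,7` hunk also skips the volatile-state assertion in linear mode, presumably because that state lives inside the linear file, and a one-line comment saying so would stop the skip from reading as lost coverage.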
@@ -34,6 +34,13 @@ LOGFILE=$TPMDIR/logfile TMPFILE=$TPMDIR/tmpfile BINFILE=$TPMDIR/binfile SIGFILE=$TPMDIR/sigfile +STATEFILE=${STATEFILE:-$TPMDIR/state} + +STORE_PARAM="dir=$TPMDIR" +if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then + echo "Testing with linear file backend ($STATEFILE)" + STORE_PARAM="backend-uri=file://$STATEFILE" +fi source ${TESTDIR}/test_common source ${TESTDIR}/common @@ -173,13 +180,13 @@ function fillup_nvram() export TPM_SERVER_TYPE=raw export TPM_SERVER_NAME=127.0.0.1 export TPM_INTERFACE_TYPE=socsim -export TPM_COMMAND_PORT=65446 +export TPM_COMMAND_PORT=${TPM_COMMAND_PORT:-65460} export TPM_DATA_DIR=$TPMDIR export TPM_SESSION_ENCKEY="807e2bfe898ddaed8fa6310e716a24dc" # for sessions $SWTPM_EXE socket \ --server port=${TPM_COMMAND_PORT} \ - --tpmstate dir=$TPMDIR \ + --tpmstate $STORE_PARAM \ --pid file=$PID_FILE \ --ctrl type=unixio,path=$SOCK_PATH \ --log file=$LOGFILE,level=20 \ @@ -233,7 +240,7 @@ echo "TPM was shut down" $SWTPM_EXE socket \ --server port=${TPM_COMMAND_PORT} \ - --tpmstate dir=$TPMDIR \ + --tpmstate $STORE_PARAM \ --pid file=$PID_FILE \ --ctrl type=unixio,path=$SOCK_PATH \ --log file=$LOGFILE,level=20 \ @@ -287,13 +294,18 @@ echo "TPM was shut down" ################################################################# # Run TPM2 with previously saved state and verify it's the same +if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then + echo "Test 1 OK (skipped last with linear file)" + exit 0 +fi + rm -f $TPMDIR/* cp -f ${TESTDIR}/data/tpm2state5/tpm2-00.permall $TPMDIR/tpm2-00.permall cp ${TESTDIR}/data/tpm2state5/signature.bin $SIGFILE $SWTPM_EXE socket \ --server port=${TPM_COMMAND_PORT} \ - --tpmstate dir=$TPMDIR \ + --tpmstate $STORE_PARAM \ --pid file=$PID_FILE \ --ctrl type=unixio,path=$SOCK_PATH \ --log file=$LOGFILE,level=20 \ diff --git a/tests/test_tpm2_save_load_state_2_block b/tests/test_tpm2_save_load_state_2_block new file mode 100755 index 0000000..0007a7c --- /dev/null 
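Review bot: `STATEFILE=${STATEFILE:-$TPMDIR/state}` in the first hunk of tests/test_tpm2_save_load_state_2 reads a generically named variable from the caller's environment and treats an empty value like an unset one. With `SWTPM_TEST_LINEAR_FILE` set, any `STATEFILE` already exported in the invoking shell becomes the path swtpm writes TPM state to, and an empty value handed over by the block wrapper silently selects the regular file instead of failing. Consider `STATEFILE=${STATEFILE-$TPMDIR/state}` followed by `[ -n "$STATEFILE" ] || exit 1`. The three later hunks expand `--tpmstate $STORE_PARAM` unquoted; `--tpmstate "$STORE_PARAM"` keeps the value a single argument if either path ever contains whitespace.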
+++ b/tests/test_tpm2_save_load_state_2_block
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ "$(id -u)" -ne 0 ]; then
+ echo "Need to be root to run this test."
+ exit 77
+fi
+
+STATEDIR=$(mktemp -d)
+STATEIMG=$STATEDIR/tpm2.img
+STATEFILE=""
+
+trap "cleanup" SIGTERM EXIT
+function cleanup()
+{
+ rm -rf $STATEDIR
+ if [ -n "$STATEFILE" ]; then
+ losetup -d $STATEFILE
+ fi
+}
+
+# allocate 4 MiB file
+fallocate -x -l $((4 * 1024 * 1024)) "$STATEIMG"
+# and loop mount it
+STATEFILE=$(losetup --show -f $STATEIMG)
+
+export SWTPM_TEST_LINEAR_FILE=1
+export TPM_COMMAND_PORT=65462
+export STATEFILE
+
+# don't exec so cleanup will remove the loop device
+$(dirname $0)/test_tpm2_save_load_state_2
diff --git a/tests/test_tpm2_save_load_state_2_linear b/tests/test_tpm2_save_load_state_2_linear
new file mode 100755
index 0000000..52783d9
--- /dev/null
+++ b/tests/test_tpm2_save_load_state_2_linear
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+export SWTPM_TEST_LINEAR_FILE=1
+export TPM_COMMAND_PORT=65461
+exec $(dirname $0)/test_tpm2_save_load_state_2
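Review bot: In tests/test_tpm2_save_load_state_2_block none of `mktemp -d`, `fallocate` or `losetup` is checked, although the script only proceeds when running as root. If `mktemp -d` fails, `STATEIMG` expands to `/tpm2.img` and the image is allocated in the filesystem root. If `losetup` fails, an empty `STATEFILE` is exported and the run can pass without ever touching a block device. Suggested guards: `STATEDIR=$(mktemp -d) || exit 1`, `fallocate -x -l $((4 * 1024 * 1024)) "$STATEIMG" || exit 77` and `STATEFILE=$(losetup --show -f "$STATEIMG") || exit 77` (or `exit 1` if a missing loop device should count as a failure rather than a skip). In `cleanup`, detaching the loop device before `rm -rf "$STATEDIR"` and quoting both expansions would avoid removing the backing file while it is still attached.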