Integrate the Travis builds with Coveralls.io by sumitting the coverage
results to Coveralls.io.
We have to run the coveralls script with sudo rights since otherwise we
get permission denied errors.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Have the CUSE TPM return the TPM start error, particularly
TPM_DECRYPT_ERROR in case a wrong key was passed, rather than the plain
TPM_FAIL error code. This was a difference with the 'other' swtpm
interfaces that already returned the original error code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Support creation and usage of the root CA with a password protected
private key. The root CA's key password can be set using the environment
variable SWTPM_ROOTCA_PASSWORD.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This (experimental) script uses GnuTLS tpmtool to create a TPM 1.2
intermediate CA that can sign a vTPM's EK and platform certificates.
Add a man page for this tool.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
GnuTLS can use TPM 1.2 keys for signing. For this we just need to support
key URLs in the GnuTLS format:
tpmkey:uuid=...
tpmkey:file=...
We don't try to read these URLs as files but pass them through as URLs to
the swtpm_cert tool that will then try to sign with the TPM 1.2 key by
passing the URL to GnuTLS API calls.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Gnutls supports TPM 1.2 keys in its API and we can use a TPM 1.2
signing key for signing the EK or platform certs.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
swtpm-localca was missing a help screen. This patch adds it and
is shown when --help or -? or -h is passed.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some tests are expected to fail. Capture the error output and test it
against epected error output. This also makes the test output less
noisy.
Also remove some other output noise.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Shut down the swtpm process at the end to avoid it being killed
and with that getting noise in the test log.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
The crypto functions for AES encryption and decryption clash with crypto
function names of libtpms. Avoid this by prefixing them with SWTPM_ instead
of TPM_.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Older versions of gcc need some input file to compile so that
we learn whether -fstack-protector-strong is supported.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Get the IBM TSS2 test suite from its git repo, compile it, and run
its test suite if SWTPM_TEST_EXPENSIVE=1 is set.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This patch adds rules that are needed for running QEMU with libvirt 4.4
on F28. This allows one to test the libvirt management stack and QEMU with
swtpm and SELinux in enforcing mode.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Only when the CUSE TPM is built we need the glib-2.0 dependency
(which can be removed at some point probably).
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
glib2 did not clean up a proxy thread once the pool was torn down. The
reason was that an exclusive pool was used. Switch to a non-exclusive
pool, which will cause the last thread to terminate as well and we have
a clean valgrind log now.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Wait a few seconds for files to appear or disappear after starting the
swtpm process. This helps avoid test failures when the system is under
load.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add a delay of 0.2s after a file is found in wait_for_file so that the
process can also write into it. Sometimes we are also interested in the
content and don't seem to get the content since we didn't wait for
the file to have been written to. It happens occasionally when the system
is under load that we don't seem to be able to read the file content
afterwards.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
To avoid timeouts when running the tests with valgrind, increase
the timeout until the swtpm process must have terminated after a
shutdown signal to 4 seconds.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Valgrind complains about uninitialized bytes being accessed by a writev()
call in libfuse. It points to a line in the error branch
'error_not_running', but the error does not seem to come from there.
Instead, if we initialize ptm_est to zeros the problem goes away.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
With the fuse_session now global, we can use it to exit the CUSE
TPM using fuse_session_exit().
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
To be able to get to the low level fuse_session data structure, which
allows us to terminate the program more gracefully than the exit() in
the ioctl processing code, we implement the low level cuse startup code.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
F27 needs an additional rule for starting the swtpm from libvirt.
Add the rule 'allow svirt_t swtpm_exec_t:file map'
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
gcc 4.2.1 does not accept the initializer '= { 0 }' and so we now switch
this to memset as well.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Valgrind complains that there are uninitialized bytes when ioctl() is called.
This is due to the fact that we are passing the structure to the ioctl()
without specifying how many bytes are valid in the passed buffer.
So, we initialize the buffers to 0 and the complaint is resolved.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Call a function display_processes_by_name that displays all processes
if needed. The function is quiet, though.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
When the AES encryption and decryption function were extended to support
256bit keys the size of the user ivec on the stack was also increased to
32 bytes. For the user provided IV we now must only copy 16 bytes in case
an 128 bit key is used. Fix the length parameter to the memcpy().
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
We seem to be missing a dependency on selinux-policy-devel, so add it.
The name of the source tar has to be set to what 'make dist' produces.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Tie swtpm-tools updating to swtpm updating and vice versa by requiring
swtpm-tools the swtpm package to have the same version.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Fedora policy seems to be to use python3 explicitly for the hashbang
rather than python, which could be either python2 or python3. So convert
it to python3. Also adapt configure.ac to require python3 executable.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Install the private libswtpm_libtpms into $(libdir)/swtpm
rather than into the shared libaries directory.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
To make the RPM building easier for the --without-cuse case we have to omit
a couple of files from being built so that they are not left-overs when
packing the RPM without building swtpm-cuse.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
The meaning of %bcond_without is that it enables a feature by default.
We want to buld with gnutls, so enable it.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
An out-of-tree build fails to build swtpm_svirt.pp due to missing
source files from the swtpm.pp policy. Add the swtpm.{te,if,fc} files
as dependencies of the swtpm_svirt.pp policy package.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Use .NOTPARALLEL for the SELinux policy build target to avoid running
the rule concurrently and deleting the tmp directory while another
build is running.
For some reason it is not possible to use $(MAKE) since otherwise the
building of the policy package fails.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
This patch is partially from Lukas Vrabec (lvrabec@redhat.com) and fixes
some nits in the SELinux policy.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
