Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 19:04:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,150 Commits 24 Branches 39 Tags 7 MiB
stable-0.6
Commit Graph

1150 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Berger
0722cffd12 tests: Extends test_volatilestate with checks on establishment bit 
Extend the testcase test_volatilestate with check on the TPM
establishment bit and that it is saved across volatile save/load
operations.
 2015-05-01 12:24:39 -04:00
Stefan Berger
9fb43c7a98 test: Terminate swtpm in case testcase is aborted 
Send a SIGTERM to the swtpm in case the testcase is aborted.
 2015-04-28 20:16:47 -04:00
Stefan Berger
cb5dc4e92c Require kernel-modules-extra package 
The cuse module is found in the kernel-modules-extra package.
 2015-04-02 06:44:38 -04:00
Stefan Berger
1140f4c656 tests: bail out if modprobe cuse fails 
Terminate the test case immediately if modprobe cuse fails.
 2015-04-02 06:43:39 -04:00
Stefan Berger
4bee90cbc7 Adjust blob size to a size that should work for all architectures 
PPC64 seems to not work with 8k blob sizes, but 7k worked.
To be on the safe size, we set the size so that the requests
and responses are below a 4k page size.
 2015-04-01 22:45:57 -04:00
Stefan Berger
48abfbb1c0 Expect tool is required 
Check for the expect tool in configure.
Require the expect tool in the spec file.
 2015-04-01 22:39:17 -04:00
Stefan Berger
58548ac677 swtpm: document some more code 
Add documentation to the include file and some functions in  the source
code files.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>jo
 2015-03-30 10:06:49 -04:00
Stefan Berger
337247ef6c swtpm: add documentation to options source code 
Add documentation to the options source code and introduce an explicit
default value to return in case an option was not found while parsing.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-03-30 07:24:08 -04:00
Stefan Berger
292fc83f3e swtpm_cuse: automatically remove volatile state after retireval 
Automatically remove the volatile state file after retrieval.
 2015-03-19 15:44:22 -04:00
Stefan Berger
950040f03c swtpm_cuse: implement STOP ioctl 
Implement a STOP ioctl in the swtpm and swtpm_ioctl client.
Modify test cases to used swtpm_ioctl --stop.
 2015-03-16 11:50:03 -04:00
Stefan Berger
33e241b562 swtpm_ioctl: if blob cannot be found TPM_NON_FATAL is returned 
It's not a fatal error if a blob is not returned and the CUSE TPM replies
with TPM_NON_FATAL error code.
 2015-03-16 11:19:44 -04:00
Stefan Berger
c552bcdca3 swtpm_setup: reuse existing function to stop processes 2015-03-16 11:14:53 -04:00
Stefan Berger
36a7d09481 swtpm_setup: check swtpm port 
Also check the port of the swtpm before proceeding.
Fix a typo in the code.
 2015-03-14 20:43:10 -04:00
Stefan Berger
ba3535aa9c swtpm_setup: remove debugging code 2015-03-13 14:52:11 -04:00
Stefan Berger
3e5085efff swtpm_setup: Test connection with tcsd 
On rare occassions TCSD refuses connections after start and nothing
works; so we test the connection with TCSD and kill it if it doesn't
work.

This now seems to fix the tests/test_parameters that occosionally
had been reporting an error.
 2015-03-13 12:35:59 -04:00
Stefan Berger
f55b697663 Only allow a single command per TCP connection to be sent 
Only allow a single command per TCP connection to be sent to
the socket TPM. This solves a problem with the test_parameters
testcase where the TPM seems to get stuck in the poll().
However, the testcase still is not entirely error-free.
 2015-03-12 21:45:34 -04:00
Stefan Berger
bba74db294 Only list LISTEN sockets when checking on tcsd 
Only list LISTEN sockets when checking whether tcsd has started
listening on a socket, yet.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-03-12 14:21:59 -04:00
Stefan Berger
0c0e5b20c6 Update man page with description for new commands 
Update the man page of swtpm_ioctl with the new commands for
getting stateblobs from the CUSE TPM and setting stateblobs in
the CUSE TPM.
 2015-03-12 09:49:40 -04:00
Stefan Berger
198ebab3c1 Add new ioctls for getting and setting state blobs 
Add new ioctls to get and set the 3 different types of state blobs
from and to the CUSE TPM. Add test cases for testing the new ioctl's
on a CUSE TPM that stores the state encrypted and on a CUSE TPM that
stores it non-encrypted.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-03-12 09:32:28 -04:00
Stefan Berger
5fd9856094 Show error message when not installing as root 
Only root can change the ownership of swtpm_setup.sh to tss:tss, so
only root can install the file.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-02-20 18:44:47 -05:00
Stefan Berger
f97114cc4c Fix build on RHEL6 where we need -lgthread-2.0 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-01-30 18:16:09 -05:00
Stefan Berger
ca84b6cde7 Allocate TPM command buffer on heap rather than on the stack 
Allocate the TPM command buffer on the heap. Previously it was
allocated on the stack.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-01-30 17:56:26 -05:00
Stefan Berger
a84f2372ba Change void * to concrete structure. 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-01-30 17:29:54 -05:00
Stefan Berger
e6085e9615 Add some hardening flags to compiler and linker 
Protect the stack, create position indep. executables, use Relocation
Read-Only (RELRO) and have the linker resolve all symbols upon
program start.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-01-30 17:08:40 -05:00
Stefan Berger
410683fa05 Remove unused wrapper tcsd-launcher.c 
Remove the unused wrapper program tcsd-launcher.c.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-01-19 14:47:35 -05:00
Stefan Berger
681f7f292f Update on TODO 2015-01-16 09:59:51 -05:00
Stefan Berger
213677a217 Fix cut and paste error 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-22 15:54:01 -05:00
Stefan Berger
7d0fec4f4c Run parallel tests also when building RPMs 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-19 16:16:21 -05:00
Stefan Berger
e150007d18 Allow tests to run in parallel 
Create uniqe names for the /dev/vtpm* so that tests can run in parallel.
Also separate the state directories of the TPMs into individual temporary
dirs.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-19 16:10:59 -05:00
Stefan Berger
ec37bb56cb Make SELinux policy extension support chooseable 
Extend configure.ac to make SELinux policy extension support
chooseable. By default configure will check whether SELinux
support is installed on the local system and will add SELinux
policy extension support if support is found.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-19 09:28:47 -05:00
Stefan Berger
bb3c6bf625 Search for external echo tool 
Search for bash-external echo tool.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-18 22:27:53 -05:00
Stefan Berger
3bbdd7bc76 Support for openssl 
Also support swtpm using OpenSSL library. 
Introduce --with-openssl in configure.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-18 22:19:57 -05:00
Stefan Berger
833a54165e Check for missing freebl headers and freebl lib 
Add a check for missing freebl header blapi.h (missing in Ubuntu)
and missing freebl static library that provides AES_CreateContext.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2014-12-18 11:04:22 -05:00
Stefan Berger
adc287585e Merge branch 'master' of https://github.com/stefanberger/swtpm 2014-12-11 14:05:33 -05:00
Stefan Berger
c7e0a654e3 Merge TODO list from swtpm tools project 2014-12-11 14:04:48 -05:00
Stefan Berger
ba2f0af638 Enable building of rpms on RHEL 7 
Some tweaks to enable building of RPMs on RHEL 7.
 2014-12-09 20:37:27 -05:00
Stefan Berger
09c58b7003 Make compileable on RHEL 7 for ppc64 
There are some tiny adjustments needed for linking on RHEL 7 for ppc64.
Otherwise it works there now as well.
 2014-12-09 20:10:00 -05:00
Stefan Berger
baecda4040 Link programs with minimal set of libraries 
Don't build up a global LIBS variable but put the libraries into
individual variables that can be used for linking individual programs
with. Do the same for CFLAGS.
 2014-12-09 19:59:27 -05:00
Stefan Berger
095168973d Improve on the list of dependencies. 
Update the list of rpm dependencies referred to in INSTALL and
configure.ac and the spec file.
 2014-12-09 13:42:17 -05:00
Stefan Berger
1201a5e0d7 Ignore directories related to quilt. 2014-12-08 12:53:47 -05:00
Stefan Berger
3f7933fc3a fix typo in man page 2014-12-08 12:53:13 -05:00
Stefan Berger
0321a3808d Add ioctl to reset the establishment bit 
Add an ioctl to reset the establishment bit. It takes as an
argument the locality to use.
 2014-12-08 11:35:16 -05:00
Stefan Berger
05503a8ea0 fixing typo in man page 2014-12-05 15:14:09 -05:00
Stefan Berger
6e93fdef0f add new README files for the tools and modify main README file 2014-12-05 15:11:15 -05:00
Stefan Berger
94019ce7a1 tpm_ioctl.h is LGPL licensed 2014-12-05 14:01:36 -05:00
Stefan Berger
e09fc2769a adding file to create rpm spec file from 2014-12-05 13:46:46 -05:00
Stefan Berger
e46a2b6686 merging swtpm-tools into this project 2014-12-05 13:43:21 -05:00
Stefan Berger
6fc8fb9f4c initialize errno to 0 before strtoul call 2014-12-05 12:43:45 -05:00
Stefan Berger
82ebd89dcc adding LICENSE file 2014-12-05 11:22:28 -05:00
Stefan Berger
f163b20210 initial check-in 2014-12-05 11:16:03 -05:00