Now that we will always read all bytes available on a file descriptor
we don't need the MAINLOOP_READALL flag anymore.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add TPM 1.2 test cases to test_parameters for testing the passing of key
and passphrase via file descriptor. Also extend the test to check whether
the state files are encrypted.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Since we can only read the file descriptor for the passphrase once,
we cannot stop the TPM 1.2 and then restart it but we have to use
'swtpm_ioctl -i' to re-init it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Make sure that when keyfile/keyfile-fd or pwdfile/pwdfile-fd are passed
to swtpm_setup that the resulting state is actually encrypted. We check
for encrypted state by making sure that 4-byte sequences of 0-bytes are
not there while they are there for un-encrypted state.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Also extend swtpm_setup to allow passing the file descriptor for
the key or password files or pipes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Enable reading the password file from a file descriptor using
--key pwdfd=<fd>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Get rid of stat() so that we can read from pipes as well.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
filelen is the length of the file as it was stat'ed. len is
the number of bytes read. They should be the same. So, use
len as a parameter to SHA512() rather than filelen.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Enable reading the state encryption or migration keys using a
file descriptor passed via the command line option parameter.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Consolidate the exist of the parse_key_options function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Add missing kdf option documentation to help screen. The kdf
option parameter support has been there since 0.1.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
The old prime number generation algorithm also does not return
the same numbers on ppc64 (big endian) as on x86_64 or ppc64le,
so do not run the test there.
Signed-off-by: Stefan Berger <stefanb@linu.ibm.com>
The CUSE TPM needs the prctl syscall to function correctly when
commands are passed via the thread pool.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Set the LIBTPMS_CFLAGS for libtpms to sanitize the same as we sanitize
in swtpm. Also set UBSAN_OPTIONS and ASAN_OPTIONS for directing runtime
behavior to halt_on_error=1.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Fix an illegal heap access while parsing the options by making
sure that we do not access the tok variable beyond its size
when comparing a character to '=' and later on when accessing
the value after the '='.
This bug was discovered by configuring as follows on Fedora 28:
CFLAGS="-fsanitize=address -g -ggdb" LIBS="-lasan" \
./configure --prefix=/usr
and running tests like this:
sudo bash -c "SWTPM_TEST_EXPENSIVE=1 make -j32 check"
The test case test_tpm2_ctrlchannel2 indicated the error.
It looks like gcc on Ubuntu Xenial on Travis did not detect this
error.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When the PID_FILE is passed to swtpm as a file descriptor in one test,
we already create a file without content when running
'exec 100<>$PID_FILE'. So we have to extend wait_for_file to also
wait for file content since the 0.2 seconds delay are sometimes not
enough for content to have been written. Otherwise we do not get the
PID of the process. We can extend the function in this way since all
its usages imply that some content should become available.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use the IPv6 bindaddr ::1 where available on Linux. Travis doesn't
seem to support IPv6 addresses at the moment.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Extend the previously modified test case to also test on
Darwin now that we are able to convert a file descriptor
to a filename.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
On Linux and Cygwin we can pass a file descriptor for the pid
file, on other platforms it doesn't work (yet).
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Pass the --runas parameter to swtpm so we can test switching it
to a given user 'nobody'.
We also have to change ownership of files and directories so that
the nobody user can write the coverage files when swtpm ends.
In the test case we then use the trick of changing file ownership
just before we terminate swtpm, which will trigger the writing
of the .gcda files. We need to have nobody own these files.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use the mode= parameter of the TPM's state file and a unix
socket to have swtpm set the file mode bits and check that
they are set as expected.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
- Clean up state files in case the test suite was interrupted
- Allow running it from the test directory by creating an absolute
path for TESTDIR so we can find the patch file; error out in
case the patching fails
- Run test case 2 and 1 as well but ignore ERROR output in case
of test 1. The errors stem from us not restarting the TPM when
the test suite asks for it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
