#!/bin/bash # For the license, see the LICENSE file in the root directory. #set -x ROOT=${abs_top_builddir:-$(pwd)/..} TESTDIR=${abs_top_testdir:-$(dirname "$0")} SWTPM_BIOS=$ROOT/src/swtpm_bios/swtpm_bios VTPM_NAME="vtpm-test-swtpm-bios" SWTPM_DEV_NAME="/dev/${VTPM_NAME}" TPM_PATH=$(mktemp -d) STATE_FILE=$TPM_PATH/tpm-00.permall VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate PID_FILE=$TPM_PATH/${SWTPM}.pid SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse} function cleanup() { pid=${SWTPM_PID} if [ -n "$pid" ]; then kill_quiet -9 $pid fi rm -rf $TPM_PATH } trap "cleanup" EXIT [ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse source ${TESTDIR}/common rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null run_swtpm ${SWTPM_INTERFACE} --tpmstate dir=$TPM_PATH --pid file=$PID_FILE display_processes_by_name "$SWTPM" kill_quiet -0 ${SWTPM_PID} if [ $? -ne 0 ]; then echo "Error: ${SWTPM_INTERFACE} TPM did not start." exit 1 fi if wait_for_file ${PID_FILE} 4; then echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile." exit 1 fi PIDF="$(cat $PID_FILE)" if [ "$PIDF" != "${SWTPM_PID}" ]; then echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}." exit 1 fi # Init the TPM run_swtpm_ioctl ${SWTPM_INTERFACE} -i if [ $? -ne 0 ]; then echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM." exit 1 fi sleep 0.5 kill_quiet -0 ${SWTPM_PID} 2>/dev/null if [ $? -ne 0 ]; then echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT." exit 1 fi # must work res=$(run_swtpm_bios ${SWTPM_INTERFACE} -o 2>&1) if [ $? -ne 0 ] || [ -n "$res" ]; then echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM." exit 1 fi # must work res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n --cs 2>&1) if [ $? -ne 0 ] || [ -n "$res" ]; then echo "Error: Could not self-test the ${SWTPM_INTERFACE} TPM." exit 1 fi # must work res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1) if [ $? -ne 0 ] || [ -n "$res" ]; then echo "Error: Could not give up physical presence on the ${SWTPM_INTERFACE} TPM." exit 1 fi # will NOT work -- we get error output in $res res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1) ret=$? if [ $ret -eq 0 ] || [ -z "$res" ]; then echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM." exit 1 fi if [ $ret -ne 128 ]; then echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret." exit 1 fi # will NOT work (wrong device) -- we get error output in $res res=$(TPM_DEVICE=/dev/${VTPM_NAME}123 ${SWTPM_BIOS} -n -u 2>&1) ret=$? if [ $ret -eq 0 ] || [ -z "$res" ]; then echo "Error: Could give up physical presence on wrong device." exit 1 fi if [ $ret -ne 255 ]; then echo "Error: Wrong return code from swtpm_bios. Should be 255, had $ret." exit 1 fi # RESET TPM run_swtpm_ioctl ${SWTPM_INTERFACE} -i if [ $? -ne 0 ]; then echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM." exit 1 fi # must work res=$(run_swtpm_bios ${SWTPM_INTERFACE} --cs -u 2>&1) if [ $? -ne 0 ] || [ -n "$res" ]; then echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM." exit 1 fi # will NOT work -- we get error output in $res res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1) ret=$? if [ $ret -eq 0 ] || [ -z "$res" ]; then echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM." exit 1 fi if [ $ret -ne 128 ]; then echo "Error: Wrong return code from swtpm_bios. Should be 128, had $ret." exit 1 fi run_swtpm_ioctl ${SWTPM_INTERFACE} -s if [ $? -ne 0 ]; then echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM." exit 1 fi if wait_process_gone ${SWTPM_PID} 4; then echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore." exit 1 fi if [ ! -e $STATE_FILE ]; then echo "Error: TPM state file $STATE_FILE does not exist." exit 1 fi echo "OK" exit 0