Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 10:30:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
stable-0.10
swtpm/tests/test_tpm2_ibmtss2
Stefan Berger 05f4d91989 test: Exit IBM TSS2 test early if it does not support swtpm 
Check the help screen for necessary supported options since the IBM TSS2
test will have to be patched to support swtpm directly. If it does not
support it, exit the tests early with an error message.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2024-10-28 21:19:33 -04:00

167 lines
4.1 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
if [ "${SWTPM_TEST_EXPENSIVE:-0}" -eq 0 ]; then
echo "SWTPM_TEST_EXPENSIVE must be set to run this test."
exit 77
fi
if [ -z "$(type openssl)" ]; then
echo "Openssl command line tool is required."
exit 1
fi
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ABSTESTDIR=$(cd "${TESTDIR}" &>/dev/null || exit 1;echo "${PWD}")
PATCHESDIR=${ABSTESTDIR}/patches
SWTPM_SERVER_PORT=65426
SWTPM_SERVER_NAME=127.0.0.1
SWTPM_CTRL_PORT=65427
SWTPM_INTERFACE=socket+socket
function cleanup() {
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
kill_quiet -9 "$pid"
fi
if [ -n "${WORKDIR}" ]; then
rm -rf "${WORKDIR}"
fi
}
trap "cleanup" EXIT
source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
WORKDIR="$(mktemp -d)" || exit 1
REGLOG=${WORKDIR}/reglog
DEFAULT_PROFILE='{"Name":"default-v1"}'
SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
--tpmstate "dir=${WORKDIR}" \
--flags not-need-init \
--profile "profile=${SWTPM_TEST_PROFILE:-${DEFAULT_PROFILE}}"
revision=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --info 1 |
sed 's/.*,"revision":\([^\}]*\).*/\1/')
pushd "${WORKDIR}" &>/dev/null || exit 1
function build_ibmtss2() {
git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss
pushd ibmtpm20tss-tss &>/dev/null || exit 1
if ! git checkout tags/v2.4.0; then
echo "'Git checkout' failed."
exit 1
fi
# To be able to apply the patches we need to to set some variables
# for user that don't have this set up properly
git config --local user.name test
git config --local user.email test@test.test
# Nuvoton commands are not supported
git am < "${PATCHESDIR}/0012-Disable-Nuvoton-commands.patch"
# A v2.0.1 bug work-around:
# We cannot run the EK certificate tests since rootcerts.txt points to
# files we do not have
git am < "${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch"
# Implement 'powerup' for swtpm
git am < "${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch"
# set CRYPTOLIBRARY=openssl
git am < "${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch"
# Store and restore volatile state at every step
git am < "${PATCHESDIR}/0004-Store-and-restore-volatile-state-at-every-step.patch"
# Disable 'Events' test
git am < "${PATCHESDIR}/0005-Disable-tests-related-to-events.patch"
if openssl version | grep -q -E "^OpenSSL 3"; then
git am < "${PATCHESDIR}/0010-Adjust-test-cases-for-OpenSSL-3.patch"
fi
autoreconf --force --install
unset CFLAGS LDFLAGS LIBS
./configure --disable-tpm-1.2
make -j4
popd &>/dev/null || exit 1
}
export TPM_SERVER_NAME=127.0.0.1
export TPM_INTERFACE_TYPE=socsim
export TPM_COMMAND_PORT=${SWTPM_SERVER_PORT}
export TPM_PLATFORM_PORT=${SWTPM_CTRL_PORT}
export SWTPM_IOCTL
if [ -d "$SWTPM_TEST_IBMTSS" ]; then
for opt in swtpm without-ecc without-nuvoton without-events; do
if ! "$SWTPM_TEST_IBMTSS"/tssreg.sh -h | grep -q "${opt}"; then
echo "Cannot run test with installed IBM TSS2 test suite since it does not support the --${opt} option."
exit 1
fi
done
# assume tss is installed with the default prefix
if ! tssstartup; then
echo "Startup of TPM2 failed"
exit 1
fi
OPENSSL_ENABLE_SHA1_SIGNATURES=1 ./reg.sh -a 2>&1 | tee "${REGLOG}"
"$SWTPM_TEST_IBMTSS"/tssreg.sh \
--swtpm \
--without-ecc \
--without-nuvoton \
--without-events \
--rev "$revision" \
-a 2>&1 | tee "${REGLOG}"
else
build_ibmtss2
pushd ibmtpm20tss-tss/utils || exit 1
if ! ./startup; then
echo "Startup of TPM2 failed"
exit 1
fi
OPENSSL_ENABLE_SHA1_SIGNATURES=1 ./reg.sh -a 2>&1 | tee "${REGLOG}"
popd &>/dev/null || exit 1
fi
ret=0
if grep -q -E "^ ERROR:" "${REGLOG}"; then
echo "There were test failures running the IBM TSS 2 tests"
grep -E "^ ERROR:" "${REGLOG}" -B2 -A2
ret=1
fi
# Shut down
if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -s; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
ret=1
fi
if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
ret=1
fi
popd &>/dev/null || exit 1
[ $ret -eq 0 ] && echo "OK"
exit $ret
Reference in New Issue View Git Blame Copy Permalink