Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 19:04:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
stable-0.5
swtpm/tests/_test_init
Stefan Berger 930c7ba16e tests: Allow seccomp override w/ SWTPM_TEST_SECCOMP_OPT env var 
The Ubuntu (PPA) build system executes the build on an environment that
has problems with seccomp profiles. It does not allow us to run the test
suite with swtpm applying its seccomp profile since it fails with a
'bad system call' error. To work around this we introduce the env. variable
SWTPM_TEST_SECCOMP_OPT that we can set to "--seccomp action=none" to avoid
having swtpm apply it seccomp profile.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-01-15 15:49:51 -05:00

137 lines
3.0 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# For the license, see the LICENSE file in the root directory.
#set -x
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
VTPM_NAME="vtpm-test-init"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
TPM_PATH=$(mktemp -d)
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
PID_FILE=$TPM_PATH/swtpm.pid
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
kill_quiet -9 $pid
fi
rm -rf $TPM_PATH
}
trap "cleanup" EXIT
[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
source ${TESTDIR}/common
rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
if has_seccomp_support "${SWTPM_EXE}"; then
SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
fi
run_swtpm ${SWTPM_INTERFACE} \
--tpmstate dir=$TPM_PATH \
--pid file=$PID_FILE
display_processes_by_name "$SWTPM"
kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
if wait_for_file ${PID_FILE} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
PIDF="$(cat $PID_FILE)"
if [ "$PIDF" != "${SWTPM_PID}" ]; then
echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
exit 1
fi
# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
sleep 0.5
kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Init the TPM again but make its state file inaccessible; this only
# works if the TPM runs as non-root
if [ "$(id -u)" != "0" ]; then
chmod 000 "${STATE_FILE}"
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -eq 0 ]; then
echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
sleep 0.5
kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
exit 1
fi
chmod 644 "${STATE_FILE}"
# Init the TPM again; now with state file accessible again
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
sleep 0.5
kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
fi
check_seccomp_profile "${SWTPM_EXE}" ${SWTPM_PID} 0
if [ $? -ne 0 ]; then
exit 1
fi
# Shut down
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
if [ ! -e $STATE_FILE ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
echo "OK"
exit 0
Reference in New Issue View Git Blame Copy Permalink