#!/usr/bin/env bash
# For the license, see the LICENSE file in the root directory.
# Locations: honour the build system's variables when they are set, otherwise
# derive both paths from the directory this script lives in.
ROOT="${abs_top_builddir:-$(dirname "$0")/..}"
TESTDIR="${abs_top_testdir:-$(dirname "$0")}"

# All per-run artefacts (TPM state, control socket, pidfile, log) live in one
# freshly created temporary directory; give up if it cannot be created.
TPMDIR="$(mktemp -d)" || exit 1
SWTPM_CTRL_UNIX_PATH="${TPMDIR}/sock"
PID_FILE="${TPMDIR}/swtpm.pid"
LOG_FILE="${TPMDIR}/swtpm.log"

# Fixed TCP ports for the data (server) and control channels of the TCP tests.
SWTPM_SERVER_PORT=65472
SWTPM_CTRL_PORT=65473

source "${TESTDIR}/test_common"

# Run cleanup on normal exit and on SIGTERM. The function is defined further
# down; the trap only looks the name up when it fires.
# NOTE(review): the SIGTERM trap does not exit by itself, so after cleanup the
# script resumes where it was interrupted.
trap 'cleanup' SIGTERM EXIT
#######################################
# Trap handler: remove the temporary TPM directory and stop swtpm.
# Globals:   TPMDIR (read), SWTPM_PID (read)
# Arguments: none
# Returns:   0 when no swtpm PID is recorded, otherwise the status of
#            kill_quiet
#######################################
cleanup() {
  # The directory holds the TPM state, control socket, pidfile and log.
  rm -rf "${TPMDIR}"

  # Nothing was started (or the PID was never recorded): nothing to signal.
  if [[ -z "${SWTPM_PID}" ]]; then
    return 0
  fi

  # The process may already be gone, so stderr is discarded here.
  kill_quiet -SIGTERM "${SWTPM_PID}" 2>/dev/null
}
# Load the shared helpers, then let skip_test_no_tpm12 decide whether this
# script applies to the swtpm binary under test.
source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"

# Test 1: CMD_SET_DATAFD over a UnixIO control channel. Only run on Linux.
if [[ "$(uname -s)" =~ Linux ]]; then
  # Seed the temporary state directory with the prepared test state.
  cp "${TESTDIR}/data/tpmstate1/"* "${TPMDIR}"

  # Start swtpm with a control channel only; no --server option is given, the
  # data channel is expected to arrive through CMD_SET_DATAFD.
  # SWTPM_EXE and the seccomp option are expanded unquoted, as in the other
  # invocations in this file, so they may carry more than one word.
  # NOTE(review): -t presumably requests termination on data-channel loss,
  # which is what the final check of this test expects; confirm.
  $SWTPM_EXE socket \
    --flags not-need-init \
    --ctrl "type=unixio,path=${SWTPM_CTRL_UNIX_PATH}" \
    --tpmstate "dir=${TPMDIR}" \
    -t \
    --pid "file=${PID_FILE}" \
    --log "file=${LOG_FILE},level=20" \
    ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
  SWTPM_PID=$!

  # As used here, wait_for_file succeeds when the file did NOT appear in time.
  if wait_for_file "${PID_FILE}" 3; then
    echo "Error: Socket TPM did not write pidfile."
    exit 1
  fi

  # The Python helper is told where the control socket is through SOCK_PATH;
  # its output is kept only for the error message.
  LOG="$(SOCK_PATH="${SWTPM_CTRL_UNIX_PATH}" exec "${TESTDIR}/test_setdatafd.py")"
  res=$?
  if (( res != 0 )); then
    echo "Error: CMD_SET_DATAFD failed: $LOG"
    exit 1
  fi

  # As used here, wait_process_gone succeeds when the process is STILL alive
  # after the timeout.
  if wait_process_gone "${SWTPM_PID}" 4; then
    echo "Error: TPM should not be running anymore after data channel loss."
    exit 1
  fi

  echo "Test 1: OK"
else
  echo "Need Linux to run UnixIO test for CMD_SET_DATAFD."
  echo "Test 1: Skipped"
fi
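# Test 2: loss of the UnixIO control channel must terminate swtpm.
# The ",terminate" option on --ctrl is the behaviour under test: an emulator
# that outlives its control connection keeps its TPM state reachable over the
# data channel.

# Drop any pidfile left over from an earlier instance so that the wait below
# can only be satisfied by the process started here.
rm -f -- "${PID_FILE}"

# SWTPM_EXE and the seccomp option are expanded unquoted, as in the other
# invocations in this file, so they may carry more than one word.
$SWTPM_EXE socket \
  --ctrl "type=unixio,path=${SWTPM_CTRL_UNIX_PATH},terminate" \
  --server "type=tcp,port=${SWTPM_SERVER_PORT}" \
  --tpmstate "dir=${TPMDIR}" \
  --pid "file=${PID_FILE}" \
  ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!

# As used here, wait_for_file succeeds when the file did NOT appear in time.
if wait_for_file "${PID_FILE}" 3; then
  echo "Error: Socket TPM did not write pidfile."
  exit 1
fi

# Opening the data socket must NOT terminate it.
# The connect is checked explicitly: bash only reports a failed /dev/tcp
# redirection on stderr and carries on, which would let the liveness check
# below pass without the data channel ever having been opened.
if ! exec 100<>"/dev/tcp/127.0.0.1/${SWTPM_SERVER_PORT}"; then
  echo "Error: Could not connect to data channel on port ${SWTPM_SERVER_PORT}"
  exit 1
fi
exec 100>&-
sleep 1

if ! kill -0 "${SWTPM_PID}"; then
  echo "Error: Opening and closing data channel must not have terminated swtpm"
  exit 1
fi

# Connect to the control socket and let socat drop the connection again
# (-T1 is socat's one-second inactivity timeout).
if ! socat -T1 - "UNIX-CONNECT:${SWTPM_CTRL_UNIX_PATH}"; then
  echo "Error: Socat failed"
  exit 1
fi

# As used here, wait_process_gone succeeds when the process is STILL alive
# after the timeout.
if wait_process_gone "${SWTPM_PID}" 4; then
  echo "Error: TPM should not be running anymore after control channel loss."
  exit 1
fi

echo "Test 2: OK"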
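# Test 3: same property as the previous test, but with a TCP control channel:
# losing a control connection opened with ",terminate" must end swtpm, while
# opening and closing the data channel must not.

# Drop any pidfile left over from an earlier instance so that the wait below
# can only be satisfied by the process started here.
rm -f -- "${PID_FILE}"

# SWTPM_EXE and the seccomp option are expanded unquoted, as in the other
# invocations in this file, so they may carry more than one word.
$SWTPM_EXE socket \
  --ctrl "type=tcp,port=${SWTPM_CTRL_PORT},terminate" \
  --server "type=tcp,port=${SWTPM_SERVER_PORT}" \
  --tpmstate "dir=${TPMDIR}" \
  --pid "file=${PID_FILE}" \
  ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!

# As used here, wait_for_file succeeds when the file did NOT appear in time.
if wait_for_file "${PID_FILE}" 3; then
  echo "Error: Swtpm did not write pidfile."
  exit 1
fi

# Opening the data socket must NOT terminate it.
# The connect is checked explicitly: bash only reports a failed /dev/tcp
# redirection on stderr and carries on, which would let the liveness check
# below pass without the data channel ever having been opened.
if ! exec 100<>"/dev/tcp/127.0.0.1/${SWTPM_SERVER_PORT}"; then
  echo "Error: Could not connect to data channel on port ${SWTPM_SERVER_PORT}"
  exit 1
fi
exec 100>&-
sleep 1

if ! kill -0 "${SWTPM_PID}"; then
  echo "Error: Opening and closing data channel must not have terminated swtpm"
  exit 1
fi

# Opening the ctrl socket must be enough to terminate it.
# A failed connect is reported as such, so it is not mistaken for swtpm
# ignoring the loss of its control channel.
if ! exec 100<>"/dev/tcp/127.0.0.1/${SWTPM_CTRL_PORT}"; then
  echo "Error: Could not connect to control channel on port ${SWTPM_CTRL_PORT}"
  exit 1
fi
exec 100>&-

# As used here, wait_process_gone succeeds when the process is STILL alive
# after the timeout.
if wait_process_gone "${SWTPM_PID}" 4; then
  echo "Error: TPM should not be running anymore after control channel loss."
  exit 1
fi

echo "Test 3: OK"
exit 0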