Re: [ima-evm-utils][PATCH] Install the swtpm package, if available


 



On 8/16/20 3:36 PM, Mimi Zohar wrote:
The "boot_aggregate.test" requires either a hardware or software TPM.
Support using the swtpm, if packaged for the distro, in addition to
tpm_server.

Note: Some travis/<distro>.sh scripts are links to other scripts.
Don't fail the build of the linked script if the swtpm package doesn't
exist.

Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
---
  .travis.yml               |  2 +-
  tests/boot_aggregate.test | 40 ++++++++++++++++++++++++++++-----------
  travis/fedora.sh          |  1 +
  3 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 849fcb6ba822..9bea5d19bd0e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -75,4 +75,4 @@ before_install:
  script:
      - INSTALL="${DISTRO%%:*}"
      - INSTALL="${INSTALL%%/*}"
-    - docker run -t ima-evm-utils /bin/sh -c "cd travis && if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || ../tests/install-swtpm.sh; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ../build.sh"
+    - docker run -t ima-evm-utils /bin/sh -c "cd travis && if [ \"$VARIANT\" ]; then ARCH=\"$ARCH\" ./$INSTALL.$VARIANT.sh; fi && ARCH=\"$ARCH\" CC=\"$CC\" TSS=\"$TSS\" ./$INSTALL.sh && if [ ! \"$VARIANT\" ]; then which tpm_server || which swtpm || ../tests/install-swtpm.sh; fi && CC=\"$CC\" VARIANT=\"$VARIANT\" ../build.sh"
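Review bot: The probe on the added line relies on the external `which` binary inside the container, and travis/fedora.sh lists `which` among the packages it installs, which suggests it is not present in every image. Where it is missing, both probes fail and `../tests/install-swtpm.sh` runs even though a packaged swtpm is installed. The shell builtin avoids that dependency: `command -v tpm_server >/dev/null || command -v swtpm >/dev/null || ../tests/install-swtpm.sh`. The same applies to the `which swtpm` call added in tests/boot_aggregate.test.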
diff --git a/tests/boot_aggregate.test b/tests/boot_aggregate.test
index 43de67de1468..ce310b6ae5b4 100755
--- a/tests/boot_aggregate.test
+++ b/tests/boot_aggregate.test
@@ -33,6 +33,10 @@ else
  	ASCII_RUNTIME_MEASUREMENTS="./sample-ascii_runtime_measurements-pcrs-8-9"
  	export TPM_INTERFACE_TYPE="socsim"
  	export TPM_COMMAND_PORT=2321
+	export TPM_PLATFORM_PORT=2322
+	export TPM_SERVER_NAME="localhost"
+	export TPM_SERVER_TYPE="raw"
+
  fi

  # Only stop this test's software TPM.  Preferred method: "tsstpmcmd -stop"
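Review bot: `export TPM_SERVER_TYPE="raw"` is set for the whole software-TPM branch, before swtpm_start decides whether swtpm or tpm_server is launched. If tpm_server expects the TSS default server type rather than raw, the tpm_server path would likely stop working, so consider moving this export into the swtpm branch of swtpm_start. The ports exported here are also repeated as literals in the swtpm command line (`port=2322`, `port=2321`); a comment such as `# must match the ports passed to swtpm in swtpm_start`, or using `${TPM_COMMAND_PORT}` and `${TPM_PLATFORM_PORT}` there, would keep them in step. The enclosing if/else starts outside this hunk.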
@@ -48,22 +52,36 @@ cleanup() {

  # Try to start a software TPM if needed.
  swtpm_start() {
-	local swtpm
+	local swtpm swtpm1

  	swtpm="$(which tpm_server)"
-	if [ -z "${swtpm}" ]; then
-		echo "${CYAN}SKIP: Softare TPM (tpm_server) not found${NORM}"
+	swtpm1="$(which swtpm)"
+	if [ -z "${swtpm}" ] && [ -z "${swptm1}" ]; then
+		echo "${CYAN}SKIP: Softare TPM (tpm_server and swtpm) not found${NORM}"
  		return "$SKIP"
  	fi

-	pgrep tpm_server
-	if [ $? -eq 0 ]; then
-		echo "INFO: Software TPM (tpm_server) already running"
-		return 114
-	else
-		echo "INFO: Starting software TPM: ${swtpm}"
-		${swtpm} > /dev/null 2>&1 &
-		SWTPM_PPID=$!
+	if [ ! -z "${swtpm1}" ]; then


Change to 'if [ -n "${swtpm1}" ]; then' ?


+		pgrep swtpm1
+		if [ $? -eq 0 ]; then
+			echo "INFO: Software TPM (swtpm) already running"
+			return 114
+		else
+			echo "INFO: Starting software TPM: ${swtpm1}"
+			mkdir ./myvtpm
+			${swtpm1} socket --tpmstate dir=./myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init > /dev/null 2>&1 &
+			SWTPM_PPID=$!
+		fi
+	elif [ ! -z "${swtpm}" ]; then


Same here.

+		pgrep swtpm
+		if [ $? -eq 0 ]; then
+			echo "INFO: Software TPM (tpm_server) already running"
+			return 114
+		else
+			echo "INFO: Starting software TPM: ${swtpm}"
+			${swtpm} > /dev/null 2>&1 &
+			SWTPM_PPID=$!
+		fi
  	fi
  	return 0
  }
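Review bot: The skip test `[ -z "${swtpm}" ] && [ -z "${swptm1}" ]` misspells the variable, so the second test is always true and the function returns `$SKIP` whenever tpm_server is absent, even with swtpm installed; it should read `[ -z "${swtpm1}" ]`. The two already-running checks also look off: `pgrep swtpm1` in the swtpm branch matches no process of that name, and `pgrep swtpm` in the tpm_server branch looks for the other emulator, so they were probably meant to be `pgrep swtpm` and `pgrep tpm_server`. `mkdir ./myvtpm` reports an error on a rerun if the directory is left over, and nothing in the hunk removes the TPM state afterwards; `mkdir -p ./myvtpm` plus removal in cleanup(), which lies outside this hunk, would cover both.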
diff --git a/travis/fedora.sh b/travis/fedora.sh
index d3459e408d81..f9ee9bed7bc1 100755
--- a/travis/fedora.sh
+++ b/travis/fedora.sh
@@ -41,6 +41,7 @@ yum -y install \
  	which

  yum -y install docbook5-style-xsl || true
+yum -y install swtpm || true

  # FIXME: debug
  echo "find /tss2_esys.h"




