|
|
@@ -1042,11 +1042,14 @@ impl HasResponseCode for TSS2_RC {
|
|
|
mod test {
|
|
|
use super::*;
|
|
|
|
|
|
+ use nix::{
|
|
|
+ unistd::Pid,
|
|
|
+ sys::signal::{self, Signal}
|
|
|
+ };
|
|
|
use tempdir::TempDir;
|
|
|
use std::{
|
|
|
fs::File,
|
|
|
process::{
|
|
|
- Child,
|
|
|
Command,
|
|
|
ExitStatus,
|
|
|
Stdio
|
|
|
@@ -1062,7 +1065,7 @@ mod test {
|
|
|
EccScheme,
|
|
|
KeyDerivationFunctionScheme,
|
|
|
PublicEccParameters,
|
|
|
- }
|
|
|
+ }, tcti_ldr::NetworkTPMConfig
|
|
|
};
|
|
|
use ctor::ctor;
|
|
|
|
|
|
@@ -1081,13 +1084,14 @@ mod test {
|
|
|
|
|
|
struct SwtpmHarness {
|
|
|
dir: TempDir,
|
|
|
- swtpm: Child,
|
|
|
- abrmd: Child,
|
|
|
- bus_name: String,
|
|
|
+ port: u16,
|
|
|
state_path: PathBuf,
|
|
|
+ pid_path: PathBuf,
|
|
|
}
|
|
|
|
|
|
impl SwtpmHarness {
|
|
|
+ const HOST: &'static str = "127.0.0.1";
|
|
|
+
|
|
|
fn new() -> Result<SwtpmHarness> {
|
|
|
static PORT: AtomicU16 = AtomicU16::new(21901);
|
|
|
let port = PORT.fetch_add(2, Ordering::SeqCst);
|
|
|
@@ -1095,10 +1099,10 @@ mod test {
|
|
|
let dir = TempDir::new(format!("btnode.{port}").as_str())?;
|
|
|
let dir_path = dir.path();
|
|
|
let dir_path_display = dir_path.display();
|
|
|
- let bus_name = format!("btnode.port{port}");
|
|
|
let conf_path = dir_path.join("swtpm_setup.conf");
|
|
|
let state_path = dir_path.join("state.bt");
|
|
|
- let addr = "127.0.0.1";
|
|
|
+ let pid_path = dir_path.join("swtpm.pid");
|
|
|
+ let addr = Self::HOST;
|
|
|
std::fs::write(&conf_path,
|
|
|
r#"# Program invoked for creating certificates
|
|
|
create_certs_tool= /usr/bin/swtpm_localca
|
|
|
@@ -1114,35 +1118,27 @@ active_pcr_banks = sha256
|
|
|
.stdout(Stdio::null())
|
|
|
.status()?
|
|
|
.success_or_err()?;
|
|
|
- let swtpm = Command::new("swtpm")
|
|
|
+ Command::new("swtpm")
|
|
|
.args([
|
|
|
"socket",
|
|
|
+ "--daemon",
|
|
|
"--tpm2",
|
|
|
"--server", format!("type=tcp,port={port},bindaddr={addr}").as_str(),
|
|
|
"--ctrl", format!("type=tcp,port={ctrl_port},bindaddr={addr}").as_str(),
|
|
|
"--log", format!("file={dir_path_display}/log.txt,level=5").as_str(),
|
|
|
"--flags", "not-need-init,startup-clear",
|
|
|
"--tpmstate", format!("dir={dir_path_display}").as_str(),
|
|
|
+ "--pid", format!("file={}", pid_path.display()).as_str(),
|
|
|
])
|
|
|
- .spawn()?;
|
|
|
- let abrmd = Command::new("tpm2-abrmd")
|
|
|
- .args([
|
|
|
- "--session",
|
|
|
- format!("--dbus-name={bus_name}").as_str(),
|
|
|
- format!("--tcti=swtpm:host={addr},port={port}").as_str(),
|
|
|
- ])
|
|
|
- .spawn()?;
|
|
|
- // TODO: This wait is flakey and system-specific. I need to find a DBus library I can
|
|
|
- // use to check when tpm2-abrmd has finished starting up and is accepting bus
|
|
|
- // connections.
|
|
|
- std::thread::sleep(std::time::Duration::from_millis(50));
|
|
|
- Ok(SwtpmHarness { dir, swtpm, abrmd, bus_name, state_path })
|
|
|
+ .status()?
|
|
|
+ .success_or_err()?;
|
|
|
+ Ok(SwtpmHarness { dir, port, state_path, pid_path, })
|
|
|
}
|
|
|
|
|
|
fn context(&self) -> Result<Context> {
|
|
|
- let config_string = format!("bus_type=session,bus_name={}", self.bus_name);
|
|
|
- let config = TabrmdConfig::from_str(config_string.as_str())?;
|
|
|
- Ok(Context::new(TctiNameConf::Tabrmd(config))?)
|
|
|
+ let config_string = format!("host={},port={}", Self::HOST, self.port);
|
|
|
+ let config = NetworkTPMConfig::from_str(config_string.as_str())?;
|
|
|
+ Ok(Context::new(TctiNameConf::Swtpm(config))?)
|
|
|
}
|
|
|
|
|
|
fn state_path(&self) -> &Path {
|
|
|
@@ -1152,15 +1148,10 @@ active_pcr_banks = sha256
|
|
|
|
|
|
impl Drop for SwtpmHarness {
|
|
|
fn drop(&mut self) {
|
|
|
- if let Err(error) = self.abrmd.kill() {
|
|
|
- error!("failed to kill tpm2-abrmd process with PID {}: {}", self.abrmd.id(), error);
|
|
|
- }
|
|
|
- if let Err(error) = self.abrmd.wait() {
|
|
|
- error!("failed to wait for abrmd with PID {} to halt: {}", self.abrmd.id(), error);
|
|
|
- }
|
|
|
- if let Err(error) = self.swtpm.kill() {
|
|
|
- error!("failed to kill swtpm process with PID {}: {}", self.swtpm.id(), error);
|
|
|
- }
|
|
|
+ let pid_str = std::fs::read_to_string(&self.pid_path).unwrap();
|
|
|
+ let pid_int = pid_str.parse::<i32>().unwrap();
|
|
|
+ let pid = Pid::from_raw(pid_int);
|
|
|
+ signal::kill(pid, Signal::SIGKILL).unwrap();
|
|
|
}
|
|
|
}
|
|
|
|
Matthew Carr