123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- #!/bin/sh
- # Script for provisioning and running the swtpm emulator. This script can only be run by a user with
- # sudo privileges.
- set -e
- # The name of the virtual TPM device. This will determine the name of the device under /dev.
- TPM_NAME=vtpm0
- # The path to the directory where the TPM's state will be stored.
- TPM_PATH=/tmp/$TPM_NAME
- # The file where swtpm's pid will be stored.
- TPM_PID=$TPM_PATH/swtpm.pid
- # The file where tpm2-abrmd's pid will be stored.
- TPM_ABRMD_PID=$TPM_PATH/tpm2-abrmd.pid
- TPM_ADDR=127.0.0.1
- TPM_PORT=2321
- setup() {
- mkdir -p $TPM_PATH
- swtpm_setup --config swtpm_setup.conf --tpm-state dir://$TPM_PATH \
- --tpm2 --ecc --createek --display
- }
- start() {
- if [ ! -d $TPM_PATH ]; then
- setup
- fi
- if [ -f $TPM_PID ]; then
- echo "swtpm is already running with PID $(cat $TPM_PID)."
- exit 1
- fi
- swtpm socket --server type=tcp,port=$TPM_PORT,bindaddr=$TPM_ADDR \
- --ctrl type=tcp,port=$(($TPM_PORT + 1)),bindaddr=$TPM_ADDR \
- --tpm2 --log file=$TPM_PATH/log.txt,level=5 \
- --flags not-need-init,startup-clear --pid file=$TPM_PID \
- --tpmstate dir=$TPM_PATH --daemon
- if [ "$UID" = 0 ]; then
- # If this script was run as root, then connect to the system bus.
- tpm2-abrmd --tcti="swtpm:host=$TPM_ADDR" --allow-root &
- else
- tpm2-abrmd --tcti="swtpm:host=$TPM_ADDR" --session &
- fi
- echo -n $! > $TPM_ABRMD_PID
- }
- kill_from_file() {
- pid=$(cat $1)
- kill -s TERM $pid
- }
- stop() {
- if [ ! -f $TPM_PID ]; then
- echo "swtpm is not running."
- exit 1
- fi
- kill_from_file $TPM_ABRMD_PID
- rm $TPM_ABRMD_PID
- kill_from_file $TPM_PID
- }
- restart() {
- stop
- sleep 0.2
- start
- }
- purge() {
- if [ -f $TPM_PID ]; then
- stop
- fi
- rm -rf $TPM_PATH
- }
- usage() {
- echo "${0} <start|stop|restart>"
- }
- case "${1}" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- restart
- ;;
- purge)
- purge
- ;;
- *)
- usage
- ;;
- esac
|