/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#include <fcntl.h>
#include <unistd.h>
#include "sd-json.h"
#include "escape.h"
#include "fd-util.h"
#include "fileio.h"
+#include "fs-util.h"
#include "json-util.h"
#include "log.h"
#include "memfd-util.h"
#include "string-util.h"
#include "strv.h"
#include "swtpm-util.h"
+#include "sync-util.h"
static int swtpm_find_best_profile(const char *swtpm_setup, char **ret) {
int r;
assert(state_dir);
- _cleanup_close_ int state_dir_fd = xopenat(AT_FDCWD, state_dir, O_RDONLY|O_DIRECTORY|O_CLOEXEC);
+ _cleanup_close_ int state_dir_fd = open(state_dir, O_RDONLY|O_DIRECTORY|O_CLOEXEC);
if (state_dir_fd < 0)
- return log_error_errno(state_dir_fd, "Failed to open TPM state directory '%s': %m", state_dir);
+ return log_error_errno(errno, "Failed to open TPM state directory '%s': %m", state_dir);
_cleanup_free_ char *swtpm_setup = NULL;
r = find_executable("swtpm_setup", &swtpm_setup);
_exit(EXIT_FAILURE);
}
+ /* Persist swtpm_setup's freshly created TPM state before writing the completion marker. */
+ r = syncfs_path(state_dir_fd, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to sync TPM state directory: %m");
+
+ /* Marker, written last, signals that manufacturing completed successfully. */
+ _cleanup_close_ int marker_fd = xopenat(state_dir_fd, SWTPM_MANUFACTURED_MARKER, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOFOLLOW);
+ if (marker_fd < 0)
+ return log_error_errno(marker_fd, "Failed to write '%s' marker: %m", SWTPM_MANUFACTURED_MARKER);
+
return 0;
}
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
+/* Marker file written into the TPM state directory once swtpm_setup has successfully created the TPM state.
+ * It is written last, so its presence reliably means a complete TPM was manufactured, rather than a manufacture
+ * that was interrupted halfway through. */
+#define SWTPM_MANUFACTURED_MARKER ".manufactured"
+
int manufacture_swtpm(const char *state_dir, const char *secret);
#include "main-func.h"
#include "path-lookup.h"
#include "path-util.h"
+#include "rm-rf.h"
#include "sha256.h"
-#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
#include "swtpm-util.h"
return log_error_errno(r, "Failed to remove 'tpm2-00.volatilestate': %m");
}
- r = dir_is_empty_at(state_fd, /* path= */ NULL, /* ignore_hidden_or_backup= */ false);
- if (r < 0)
- return log_error_errno(r, "Failed to check if TPM state directory is empty: %m");
- if (r == 0) {
- log_debug("TPM state directory is already populated, not manufacturing a TPM.");
+ /* manufacture_swtpm() writes its marker only after swtpm_setup has fully created the TPM state.
+ * If the marker file is missing, the existing state is incomplete and recreation is needed. */
+ r = RET_NERRNO(faccessat(state_fd, SWTPM_MANUFACTURED_MARKER, F_OK, AT_SYMLINK_NOFOLLOW));
+ if (r >= 0) {
+ log_debug("TPM state directory holds a fully manufactured TPM, not manufacturing a TPM.");
return 0;
}
+ if (r != -ENOENT)
+ return log_error_errno(r, "Failed to check for TPM manufacture marker: %m");
if (!in_initrd())
return log_error_errno(SYNTHETIC_ERRNO(ESTALE), "swtpm TPM state directory has not been initialized in the initrd, refusing.");
- log_debug("TPM state directory is unpopulated, manufacturing a TPM.");
+ /* Cleanup incomplete state before recreating. */
+ _cleanup_close_ int wipe_fd = fd_reopen(state_fd, O_RDONLY|O_DIRECTORY|O_CLOEXEC);
+ if (wipe_fd < 0)
+ return log_error_errno(wipe_fd, "Failed to reopen swtpm state directory: %m");
+ r = rm_rf_children(TAKE_FD(wipe_fd), REMOVE_PHYSICAL, /* root_dev= */ NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to clear incomplete swtpm state directory: %m");
+
+ log_debug("TPM state directory holds no fully manufactured TPM, manufacturing a TPM.");
return manufacture_swtpm(state_dir, secret);
}
set -eux
set -o pipefail
-# Exercises the software TPM fallback (systemd-tpm2-swtpm.service) across a reboot. The VM boots in EFI mode
+# Exercises the software TPM fallback (systemd-tpm2-swtpm.service) across reboots. The VM boots in EFI mode
# without a hardware/firmware TPM and with "systemd.tpm2_software_fallback=yes" (see the test's meson.build),
# so systemd-tpm2-generator manufactures a software TPM on the ESP in the initrd and chainloads swtpm.
#
# boot 0: the TPM is manufactured in the initrd; seal a secret to it and stash the blob.
-# boot 1: the TPM state persisted on the ESP across the reboot, so the secret still unseals.
+# boot 1: the TPM state persisted on the ESP across the reboot, so the secret still unseals. Then mimic a
+# manufacture that was interrupted before it completed (drop everything but the config files, so the
+# ".manufactured" marker is gone) and reboot.
+# boot 2: setup_swtpm() must notice the missing marker and re-manufacture, rather than mistaking the
+# leftover config files for a complete TPM and starting swtpm against a stateless directory.
#
# See systemd-tpm2-swtpm.service(8).
CRED=/var/lib/systemd-tpm2-swtpm-test.cred
PLAINTEXT="swtpm round-trip"
+# Marker (SWTPM_MANUFACTURED_MARKER) that manufacture_swtpm() indicates completion with.
+MARKER=.manufactured
if [[ -n "${ASAN_OPTIONS:-}" ]]; then
# swtpm_setup is not built with sanitizers, but does NSS lookups that pull in the ASan-instrumented
assert_in '\+driver' "$(systemd-analyze has-tpm2 || :)"
}
+# Locate swtpm's state directory on the ESP.
+swtpm_state_dir() {
+ local d
+ for d in /boot/loader/swtpm /efi/loader/swtpm; do
+ [[ -d "$d" ]] && { echo "$d"; return 0; }
+ done
+ return 1
+}
+
case "$REBOOT_COUNT" in
0)
assert_swtpm_up
# Persistence: the TPM state survived the reboot on the ESP, so the blob still unseals.
echo -n "$PLAINTEXT" >/tmp/swtpm-plaintext
systemd-creds decrypt --name= "$CRED" - | cmp /tmp/swtpm-plaintext -
+
+ # Mimic a manufacture interrupted after swtpm began writing TPM state but before the marker: stop
+ # swtpm, drop everything except the three config files, then leave a partial/corrupt state file
+ # behind. swtpm_setup --not-overwrite would refuse to recreate that, so recovery must clear it first.
+ statedir="$(swtpm_state_dir)"
+ systemctl stop systemd-tpm2-swtpm.service
+ find "$statedir" -mindepth 1 -maxdepth 1 -type f \
+ ! -name swtpm-localca.conf ! -name swtpm-localca.options ! -name swtpm_setup.conf -delete
+ echo "corrupt" >"$statedir/tpm2-00.permall"
+ test -e "$statedir/swtpm_setup.conf"
+ test ! -e "$statedir/$MARKER"
+ systemctl_final reboot
+ exec sleep infinity
+ ;;
+ 2)
+ # setup_swtpm() must have re-manufactured instead of trusting the leftover config files: the marker is
+ # back and swtpm_setup re-ran swtpm_localca, recreating issuer-certificate.pem. The TPM must also work.
+ # Regression test for keying re-manufacture off an incomplete state directory.
+ assert_swtpm_up
+ statedir="$(swtpm_state_dir)"
+ test -e "$statedir/$MARKER"
+ test -e "$statedir/issuer-certificate.pem"
+ echo -n "$PLAINTEXT" >/tmp/swtpm-plaintext
+ systemd-creds encrypt --name= --with-key=tpm2 /tmp/swtpm-plaintext /tmp/swtpm-new.cred
+ systemd-creds decrypt --name= /tmp/swtpm-new.cred - | cmp /tmp/swtpm-plaintext -
touch /testok
;;
*)
projects / thirdparty / systemd.git / commitdiff
