From: Frantisek Sumsal
Date: Fri, 2 Jun 2023 18:28:41 +0000 (+0200)
Subject: test: move TPM2-related setup stuff into test-functions
X-Git-Tag: v254-rc1~281^2~11
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=18fa5c8283528253a9a4d8af42ceac61cd23c42b;p=thirdparty%2Fsystemd.git

test: move TPM2-related setup stuff into test-functions

And hide it all behind $TEST_SETUP_SWTPM.
---
diff --git a/test/TEST-70-TPM2/test.sh b/test/TEST-70-TPM2/test.sh
index f448a4a5f10..727d1590948 100755
--- a/test/TEST-70-TPM2/test.sh
+++ b/test/TEST-70-TPM2/test.sh
@@ -5,6 +5,7 @@ set -e
 TEST_DESCRIPTION="cryptenroll/cryptsetup with TPM2 devices"
 IMAGE_NAME="tpm2"
 TEST_NO_NSPAWN=1
+TEST_SETUP_SWTPM=1
 TEST_REQUIRE_INSTALL_TESTS=0
 # shellcheck source=test/test-functions
@@ -24,22 +25,4 @@ test_append_files() {
 inst_binary openssl
 }
-TEST_70_TPM_DEVICE="tpm-tis"
-if [[ "$(uname -m)" == "ppc64le" ]]; then
- # tpm-spapr support was introduced in qemu 5.0.0. Skip test for old qemu versions.
- qemu_min_version "5.0.0" || exit 0
- TEST_70_TPM_DEVICE="tpm-spapr"
-fi
-
-TEST_70_at_exit() {
- [[ -n "${TEST_70_SWTPM_PID:-}" ]] && kill "$TEST_70_SWTPM_PID" &>/dev/null
- [[ -n "${TEST_70_TPM_STATE:-}" ]] && rm -rf "$TEST_70_TPM_STATE"
-}
-
-TEST_70_TPM_STATE="$(mktemp -d)"
-swtpm socket --tpm2 --tpmstate dir="$TEST_70_TPM_STATE" --ctrl type=unixio,path="$TEST_70_TPM_STATE/sock" &
-TEST_70_SWTPM_PID=$!
-add_at_exit_handler TEST_70_at_exit
-QEMU_OPTIONS+=" -chardev socket,id=chrtpm,path=$TEST_70_TPM_STATE/sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device $TEST_70_TPM_DEVICE,tpmdev=tpm0"
-
 do_test "$@"
diff --git a/test/test-functions b/test/test-functions
index 25021779083..f374e8ade0a 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -69,21 +69,14 @@ _at_exit() {
 # Run the EXIT handlers in reverse order
 for ((i = ${#_AT_EXIT_HANDLERS[@]} - 1; i >= 0; i--)); do
 ddebug "Running EXIT handler '${_AT_EXIT_HANDLERS[$i]}'"
- "${_AT_EXIT_HANDLERS[$i]}"
+ eval "${_AT_EXIT_HANDLERS[$i]}"
 done
 }
 trap _at_exit EXIT
 add_at_exit_handler() {
- local handler="${1?}"
-
- if [[ "$(type -t "$handler")" != "function" ]]; then
- dfatal "'$handler' is not a function"
- exit 1
- fi
-
- _AT_EXIT_HANDLERS+=("$handler")
+ _AT_EXIT_HANDLERS+=("${1:?}")
 }
 # Decide if we can (and want to) run qemu with KVM acceleration.
@@ -364,6 +357,48 @@ find_qemu_bin() {
 fi
 }
+qemu_setup_swtpm_socket() {
+ local pid state_dir tpm_device
+
+ if ! tpm_device="$(qemu_get_tpm_device)"; then
+ dinfo "Found QEMU version is too old for TPM2 on ppc64le"
+ exit 0
+ fi
+
+ state_dir="$(mktemp -d)"
+ swtpm socket --tpm2 --tpmstate dir="$state_dir" --ctrl type=unixio,path="$state_dir/sock" &
+ pid=$!
+ if ! kill -0 "$pid"; then
+ echo >&2 "Failed to setup swtpm socket"
+ return 1
+ fi
+
+ dinfo "Started swtpm as PID $pid with state dir $state_dir"
+
+ add_at_exit_handler "kill -TERM $pid 2>/dev/null; rm -rf '$state_dir'"
+
+ QEMU_OPTIONS+=" -chardev socket,id=chrtpm,path=$state_dir/sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device $tpm_device,tpmdev=tpm0"
+ dinfo "Configured emulated TPM2 device $tpm_device"
+
+ return 0
+}
+
+qemu_get_tpm_device() {
+ local tpm_device="tpm-tis"
+
+ if [[ "$(uname -m)" == "ppc64le" ]]; then
+ # tpm-spapr support was introduced in qemu 5.0.0
+ if ! qemu_min_version "5.0.0"; then
+ return 1
+ fi
+
+ tpm_device="tpm-spapr"
+ fi
+
+ echo "$tpm_device"
+ return 0
+}
+
 # Compares argument #1=X.Y.Z (X&Y&Z = numeric) to the version of the installed qemu
 # returns 0 if newer or equal
 # returns 1 if older
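Review bot: With `_at_exit` now running `eval "${_AT_EXIT_HANDLERS[$i]}"` and `add_at_exit_handler` reduced to `_AT_EXIT_HANDLERS+=("${1:?}")`, every registered string is executed as shell code at exit and nothing is validated at registration time. Any value interpolated into a handler string is re-parsed by the shell, so correct quoting becomes the caller's responsibility, and that contract is not written down anywhere in the hunk. I would add a comment above `add_at_exit_handler`, for example `# Handlers are eval'd at EXIT: pass only trusted strings and shell-quote interpolated values (printf '%q')`. A mistyped handler name is also no longer rejected by `dfatal` when it is registered and only shows up as a failed command when the trap runs.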
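Review bot: In `qemu_setup_swtpm_socket` the cleanup handler is built as `"kill -TERM $pid 2>/dev/null; rm -rf '$state_dir'"` and later eval'd, so a `mktemp -d` path containing a single quote (for example through `TMPDIR`) would end the quoting and leave the rest of the path to be parsed as shell next to an `rm -rf`. Building the string with `printf '%q'` keeps the path a single word under eval. The result of `mktemp -d` is also unchecked, so on failure swtpm would be started with an empty state dir and a control socket path of `/sock`. Separately, `kill -0 "$pid"` right after backgrounding probably succeeds even when swtpm exits a moment later, so it is a weak startup check, and on that failure path the state directory is left behind because the handler is not registered yet.

```shell
qemu_setup_swtpm_socket() {
    local pid state_dir tpm_device cleanup_cmd
    # … unchanged: qemu_get_tpm_device check …

    if ! state_dir="$(mktemp -d)"; then
        echo >&2 "Failed to create swtpm state directory"
        return 1
    fi
    # … unchanged: swtpm start, kill -0 check, dinfo …

    # The handler string is eval'd at exit, so shell-quote every interpolated value
    printf -v cleanup_cmd 'kill -TERM %q 2>/dev/null; rm -rf -- %q' "$pid" "$state_dir"
    add_at_exit_handler "$cleanup_cmd"
    # … unchanged: QEMU_OPTIONS setup and return 0 …
}
```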
@@ -454,6 +489,10 @@ run_qemu() {
 find_qemu_bin || return 1
+ if get_bool "${TEST_SETUP_SWTPM:-}"; then
+ qemu_setup_swtpm_socket || return 1
+ fi
+
 # Umount initdir to avoid concurrent access to the filesystem
 _umount_dir "$initdir"