~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/tools/testing/selftests/tpm2/tpm2_tests.py

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /tools/testing/selftests/tpm2/tpm2_tests.py (Version linux-6.12-rc7) and /tools/testing/selftests/tpm2/tpm2_tests.py (Version linux-4.4.302)


  1 # SPDX-License-Identifier: (GPL-2.0 OR BSD-3-C    
  2                                                   
  3 from argparse import ArgumentParser               
  4 from argparse import FileType                     
  5 import os                                         
  6 import sys                                        
  7 import tpm2                                       
  8 from tpm2 import ProtocolError                    
  9 import unittest                                   
 10 import logging                                    
 11 import struct                                     
 12                                                   
 13 class SmokeTest(unittest.TestCase):               
 14     def setUp(self):                              
 15         self.client = tpm2.Client()               
 16         self.root_key = self.client.create_roo    
 17                                                   
 18     def tearDown(self):                           
 19         self.client.flush_context(self.root_ke    
 20         self.client.close()                       
 21                                                   
 22     def test_seal_with_auth(self):                
 23         data = ('X' * 64).encode()                
 24         auth = ('A' * 15).encode()                
 25                                                   
 26         blob = self.client.seal(self.root_key,    
 27         result = self.client.unseal(self.root_    
 28         self.assertEqual(data, result)            
 29                                                   
 30     def determine_bank_alg(self, mask):           
 31         pcr_banks = self.client.get_cap_pcrs()    
 32         for bank_alg, pcrSelection in pcr_bank    
 33             if pcrSelection & mask == mask:       
 34                 return bank_alg                   
 35         return None                               
 36                                                   
 37     def test_seal_with_policy(self):              
 38         bank_alg = self.determine_bank_alg(1 <    
 39         self.assertIsNotNone(bank_alg)            
 40                                                   
 41         handle = self.client.start_auth_sessio    
 42                                                   
 43         data = ('X' * 64).encode()                
 44         auth = ('A' * 15).encode()                
 45         pcrs = [16]                               
 46                                                   
 47         try:                                      
 48             self.client.policy_pcr(handle, pcr    
 49             self.client.policy_password(handle    
 50                                                   
 51             policy_dig = self.client.get_polic    
 52         finally:                                  
 53             self.client.flush_context(handle)     
 54                                                   
 55         blob = self.client.seal(self.root_key,    
 56                                                   
 57         handle = self.client.start_auth_sessio    
 58                                                   
 59         try:                                      
 60             self.client.policy_pcr(handle, pcr    
 61             self.client.policy_password(handle    
 62                                                   
 63             result = self.client.unseal(self.r    
 64         except:                                   
 65             self.client.flush_context(handle)     
 66             raise                                 
 67                                                   
 68         self.assertEqual(data, result)            
 69                                                   
 70     def test_unseal_with_wrong_auth(self):        
 71         data = ('X' * 64).encode()                
 72         auth = ('A' * 20).encode()                
 73         rc = 0                                    
 74                                                   
 75         blob = self.client.seal(self.root_key,    
 76         try:                                      
 77             result = self.client.unseal(self.r    
 78                         auth[:-1] + 'B'.encode    
 79         except ProtocolError as e:                
 80             rc = e.rc                             
 81                                                   
 82         self.assertEqual(rc, tpm2.TPM2_RC_AUTH    
 83                                                   
 84     def test_unseal_with_wrong_policy(self):      
 85         bank_alg = self.determine_bank_alg(1 <    
 86         self.assertIsNotNone(bank_alg)            
 87                                                   
 88         handle = self.client.start_auth_sessio    
 89                                                   
 90         data = ('X' * 64).encode()                
 91         auth = ('A' * 17).encode()                
 92         pcrs = [16]                               
 93                                                   
 94         try:                                      
 95             self.client.policy_pcr(handle, pcr    
 96             self.client.policy_password(handle    
 97                                                   
 98             policy_dig = self.client.get_polic    
 99         finally:                                  
100             self.client.flush_context(handle)     
101                                                   
102         blob = self.client.seal(self.root_key,    
103                                                   
104         # Extend first a PCR that is not part     
105         # This should succeed.                    
106                                                   
107         ds = tpm2.get_digest_size(bank_alg)       
108         self.client.extend_pcr(1, ('X' * ds).e    
109                                                   
110         handle = self.client.start_auth_sessio    
111                                                   
112         try:                                      
113             self.client.policy_pcr(handle, pcr    
114             self.client.policy_password(handle    
115                                                   
116             result = self.client.unseal(self.r    
117         except:                                   
118             self.client.flush_context(handle)     
119             raise                                 
120                                                   
121         self.assertEqual(data, result)            
122                                                   
123         # Then, extend a PCR that is part of t    
124         # This should fail.                       
125         self.client.extend_pcr(16, ('X' * ds).    
126                                                   
127         handle = self.client.start_auth_sessio    
128                                                   
129         rc = 0                                    
130                                                   
131         try:                                      
132             self.client.policy_pcr(handle, pcr    
133             self.client.policy_password(handle    
134                                                   
135             result = self.client.unseal(self.r    
136         except ProtocolError as e:                
137             rc = e.rc                             
138             self.client.flush_context(handle)     
139         except:                                   
140             self.client.flush_context(handle)     
141             raise                                 
142                                                   
143         self.assertEqual(rc, tpm2.TPM2_RC_POLI    
144                                                   
145     def test_seal_with_too_long_auth(self):       
146         ds = tpm2.get_digest_size(tpm2.TPM2_AL    
147         data = ('X' * 64).encode()                
148         auth = ('A' * (ds + 1)).encode()          
149                                                   
150         rc = 0                                    
151         try:                                      
152             blob = self.client.seal(self.root_    
153         except ProtocolError as e:                
154             rc = e.rc                             
155                                                   
156         self.assertEqual(rc, tpm2.TPM2_RC_SIZE    
157                                                   
158     def test_too_short_cmd(self):                 
159         rejected = False                          
160         try:                                      
161             fmt = '>HIII'                         
162             cmd = struct.pack(fmt,                
163                               tpm2.TPM2_ST_NO_    
164                               struct.calcsize(    
165                               tpm2.TPM2_CC_FLU    
166                               0xDEADBEEF)         
167                                                   
168             self.client.send_cmd(cmd)             
169         except IOError as e:                      
170             rejected = True                       
171         except:                                   
172             pass                                  
173         self.assertEqual(rejected, True)          
174                                                   
175     def test_read_partial_resp(self):             
176         try:                                      
177             fmt = '>HIIH'                         
178             cmd = struct.pack(fmt,                
179                               tpm2.TPM2_ST_NO_    
180                               struct.calcsize(    
181                               tpm2.TPM2_CC_GET    
182                               0x20)               
183             self.client.tpm.write(cmd)            
184             hdr = self.client.tpm.read(10)        
185             sz = struct.unpack('>I', hdr[2:6])    
186             rsp = self.client.tpm.read()          
187         except:                                   
188             pass                                  
189         self.assertEqual(sz, 10 + 2 + 32)         
190         self.assertEqual(len(rsp), 2 + 32)        
191                                                   
192     def test_read_partial_overwrite(self):        
193         try:                                      
194             fmt = '>HIIH'                         
195             cmd = struct.pack(fmt,                
196                               tpm2.TPM2_ST_NO_    
197                               struct.calcsize(    
198                               tpm2.TPM2_CC_GET    
199                               0x20)               
200             self.client.tpm.write(cmd)            
201             # Read part of the respone            
202             rsp1 = self.client.tpm.read(15)       
203                                                   
204             # Send a new cmd                      
205             self.client.tpm.write(cmd)            
206                                                   
207             # Read the whole respone              
208             rsp2 = self.client.tpm.read()         
209         except:                                   
210             pass                                  
211         self.assertEqual(len(rsp1), 15)           
212         self.assertEqual(len(rsp2), 10 + 2 + 3    
213                                                   
214     def test_send_two_cmds(self):                 
215         rejected = False                          
216         try:                                      
217             fmt = '>HIIH'                         
218             cmd = struct.pack(fmt,                
219                               tpm2.TPM2_ST_NO_    
220                               struct.calcsize(    
221                               tpm2.TPM2_CC_GET    
222                               0x20)               
223             self.client.tpm.write(cmd)            
224                                                   
225             # expect the second one to raise -    
226             self.client.tpm.write(cmd)            
227             rsp = self.client.tpm.read()          
228                                                   
229         except IOError as e:                      
230             # read the response                   
231             rsp = self.client.tpm.read()          
232             rejected = True                       
233             pass                                  
234         except:                                   
235             pass                                  
236         self.assertEqual(rejected, True)          
237                                                   
238 class SpaceTest(unittest.TestCase):               
239     def setUp(self):                              
240         logging.basicConfig(filename='SpaceTes    
241                                                   
242     def test_make_two_spaces(self):               
243         log = logging.getLogger(__name__)         
244         log.debug("test_make_two_spaces")         
245                                                   
246         space1 = tpm2.Client(tpm2.Client.FLAG_    
247         root1 = space1.create_root_key()          
248         space2 = tpm2.Client(tpm2.Client.FLAG_    
249         root2 = space2.create_root_key()          
250         root3 = space2.create_root_key()          
251                                                   
252         log.debug("%08x" % (root1))               
253         log.debug("%08x" % (root2))               
254         log.debug("%08x" % (root3))               
255                                                   
256     def test_flush_context(self):                 
257         log = logging.getLogger(__name__)         
258         log.debug("test_flush_context")           
259                                                   
260         space1 = tpm2.Client(tpm2.Client.FLAG_    
261         root1 = space1.create_root_key()          
262         log.debug("%08x" % (root1))               
263                                                   
264         space1.flush_context(root1)               
265                                                   
266     def test_get_handles(self):                   
267         log = logging.getLogger(__name__)         
268         log.debug("test_get_handles")             
269                                                   
270         space1 = tpm2.Client(tpm2.Client.FLAG_    
271         space1.create_root_key()                  
272         space2 = tpm2.Client(tpm2.Client.FLAG_    
273         space2.create_root_key()                  
274         space2.create_root_key()                  
275                                                   
276         handles = space2.get_cap(tpm2.TPM2_CAP    
277                                                   
278         self.assertEqual(len(handles), 2)         
279                                                   
280         log.debug("%08x" % (handles[0]))          
281         log.debug("%08x" % (handles[1]))          
282                                                   
283     def test_invalid_cc(self):                    
284         log = logging.getLogger(__name__)         
285         log.debug(sys._getframe().f_code.co_na    
286                                                   
287         TPM2_CC_INVALID = tpm2.TPM2_CC_FIRST -    
288                                                   
289         space1 = tpm2.Client(tpm2.Client.FLAG_    
290         root1 = space1.create_root_key()          
291         log.debug("%08x" % (root1))               
292                                                   
293         fmt = '>HII'                              
294         cmd = struct.pack(fmt, tpm2.TPM2_ST_NO    
295                           TPM2_CC_INVALID)        
296                                                   
297         rc = 0                                    
298         try:                                      
299             space1.send_cmd(cmd)                  
300         except ProtocolError as e:                
301             rc = e.rc                             
302                                                   
303         self.assertEqual(rc, tpm2.TPM2_RC_COMM    
304                          tpm2.TSS2_RESMGR_TPM_    
305                                                   
306 class AsyncTest(unittest.TestCase):               
307     def setUp(self):                              
308         logging.basicConfig(filename='AsyncTes    
309                                                   
310     def test_async(self):                         
311         log = logging.getLogger(__name__)         
312         log.debug(sys._getframe().f_code.co_na    
313                                                   
314         async_client = tpm2.Client(tpm2.Client    
315         log.debug("Calling get_cap in a NON_BL    
316         async_client.get_cap(tpm2.TPM2_CAP_HAN    
317         async_client.close()                      
318                                                   
319     def test_flush_invalid_context(self):         
320         log = logging.getLogger(__name__)         
321         log.debug(sys._getframe().f_code.co_na    
322                                                   
323         async_client = tpm2.Client(tpm2.Client    
324         log.debug("Calling flush_context passi    
325         handle = 0x80123456                       
326         rc = 0                                    
327         try:                                      
328             async_client.flush_context(handle)    
329         except OSError as e:                      
330             rc = e.errno                          
331                                                   
332         self.assertEqual(rc, 22)                  
333         async_client.close()                      
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php