From 836bdb63c67ab8b57232072994133ecbdcee3af3 Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar Date: Tue, 31 May 2022 20:33:43 -0700 Subject: [PATCH] tpm2-tools: Convert to using swtpm instead of tpm_server for testing Also don't hardcode path to automake test-driver. Resolves: rhbz#2090748 Signed-off-by: Jerry Snitselaar --- ...arms-fix-condition-for-negative-test.patch | 34 ++++++++++++++++ test-fixup.patch | 12 ++++++ tests/runtest.sh | 40 ++----------------- tests/tests.yml | 4 +- tpm2-tools.spec | 2 + 5 files changed, 53 insertions(+), 39 deletions(-) create mode 100644 0001-testparms-fix-condition-for-negative-test.patch create mode 100644 test-fixup.patch diff --git a/0001-testparms-fix-condition-for-negative-test.patch b/0001-testparms-fix-condition-for-negative-test.patch new file mode 100644 index 0000000..a1da9f8 --- /dev/null +++ b/0001-testparms-fix-condition-for-negative-test.patch @@ -0,0 +1,34 @@ +From 0789bf264a108c4718875a050d00b1fdee4478b7 Mon Sep 17 00:00:00 2001 +From: Jonas Witschel +Date: Wed, 29 Sep 2021 17:08:07 +0200 +Subject: [PATCH] testparms: fix condition for negative test +Content-type: text/plain + +Commit e858dec76686bb4c42e74e0984b433231e530f93 ("testparms: ensure curve not +supported before negative test") is supposed to ensure that the negative test +is run only if ecc521 is *not* supported, but instead it runs the negative test +if ecc521 is *available*. This worked anyway for libtpms < 0.9.0 because camellia +was not supported, but since libtpms 0.9.0 added support for this algorithm, the +test suite fails now with swtpm. + +Signed-off-by: Jonas Witschel +--- + test/integration/tests/testparms.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/integration/tests/testparms.sh b/test/integration/tests/testparms.sh +index 8c3548e58f39..a587a60a34cf 100644 +--- a/test/integration/tests/testparms.sh ++++ b/test/integration/tests/testparms.sh +@@ -63,7 +63,7 @@ else + fi + + # Attempt to specify a suite that is not supported (error from TPM) +-if tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then ++if ! tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then + if tpm2 testparms "ecc521:ecdsa:camellia" &>/dev/null; then + echo "tpm2 testparms succeeded while it shouldn't or TPM failed" + exit 1 +-- +2.35.3 + diff --git a/test-fixup.patch b/test-fixup.patch new file mode 100644 index 0000000..9610d4c --- /dev/null +++ b/test-fixup.patch @@ -0,0 +1,12 @@ +diff -ur tpm2-tools-5.2/test/integration/helpers.sh tpm2-tools-5.2-new/test/integration/helpers.sh +--- tpm2-tools-5.2/test/integration/helpers.sh 2021-08-23 09:47:20.000000000 -0700 ++++ tpm2-tools-5.2-new/test/integration/helpers.sh 2022-05-31 16:06:07.939025537 -0700 +@@ -409,7 +409,7 @@ + echo "Starting tpm2-abrmd" + # Start tpm2-abrmd + start_abrmd || exit 1 +- run_startup=false ++ # run_startup=false + else + echo "not starting abrmd" + fi diff --git a/tests/runtest.sh b/tests/runtest.sh index ec51401..9a64383 100755 --- a/tests/runtest.sh +++ b/tests/runtest.sh @@ -1,38 +1,5 @@ #!/bin/bash -# get tpm simulator code -IBMTPM_VERSION=1661 -wget --no-check-certificate https://downloads.sourceforge.net/project/ibmswtpm2/ibmtpm$IBMTPM_VERSION.tar.gz - -res="$?" - -if [[ "$res" -ne 0 ]]; then - echo "wget failed" - exit 1 -fi - -# unpackage and build the source -mkdir ibmtpm -pushd ibmtpm -tar xf ../ibmtpm$IBMTPM_VERSION.tar.gz -pushd src -# fixup for openssl 3 -sed -i -e "s|OPENSSL_VERSION_NUMBER >= 0x10200000L|OPENSSL_VERSION_NUMBER > 0x30000010L|" TpmToOsslMath.h -sed -i -e "s|CCFLAGS = -Wall|CCFLAGS = -Wall -Wno-error=deprecated-declarations|" makefile -make - -res="$?" - -if [[ "$res" -ne 0 ]]; then - echo "make of ibmtpm failed" - popd - popd - rm -rf ibmtpm ibmtpm$IBMTPM_VERSION.tar.gz - exit 1 -fi -popd -popd - # Update python command in tpm2-tools tests pushd source/test/integration sed -i -e 's/python/python3/g' helpers.sh @@ -44,10 +11,11 @@ popd popd TPM2_ABRMD=tpm2-abrmd -TPM2_SIM=tpm_server +TPM2_SIM=swtpm TPM2_TOOLS_TEST_FIXTURES=`pwd`/source/test/integration/fixtures -PATH=`pwd`/ibmtpm/src/:.:$PATH +PATH=.:$PATH abs_srcdir=`pwd`/source +test_drv=`rpm -ql automake | grep test-driver` export TPM2_ABRMD TPM2_SIM TPM2_TOOLS_TEST_FIXTURES PATH abs_srcdir pushd source/test/integration @@ -55,7 +23,7 @@ for t in `ls tests/*.sh` do f=`basename $t` test=${f%%.*} - /usr/share/automake-1.16/test-driver --test-name $test --log-file $test.log --trs-file $test.trs $t + $test_drv --test-name $test --log-file $test.log --trs-file $test.trs $t done all=`grep ":test-result:" *.trs | wc -l`; pass=`grep ":test-result: PASS" *.trs | wc -l`; diff --git a/tests/tests.yml b/tests/tests.yml index 18e8e09..8f31daa 100644 --- a/tests/tests.yml +++ b/tests/tests.yml @@ -7,10 +7,7 @@ tags: - classic required_packages: - - gcc - - make - automake - - wget - openssl - openssl-devel - sed @@ -19,6 +16,7 @@ - tpm2-tools - tpm2-abrmd - tpm2-abrmd-selinux + - swtpm - python3 - vim-common - perl-Digest-SHA diff --git a/tpm2-tools.spec b/tpm2-tools.spec index 8985441..c9ff216 100644 --- a/tpm2-tools.spec +++ b/tpm2-tools.spec @@ -9,6 +9,8 @@ License: BSD URL: https://github.com/tpm2-software/tpm2-tools Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}%{?candidate:-%{candidate}}/%{name}-%{version}%{?candidate:-%{candidate}}.tar.gz Patch0: 0019-build-Use-hardcoded-version-variable.patch +Patch1: test-fixup.patch +Patch2: 0001-testparms-fix-condition-for-negative-test.patch BuildRequires: make BuildRequires: gcc-c++