1# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import logging, os, re, shutil, sys, time
6from autotest_lib.client.bin import test, utils
7
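class platform_CryptohomeTPMReOwn(test.test):
    """
    Test of cryptohome functionality to re-create a user's vault directory if
    the TPM is cleared and re-owned and the vault keyset is TPM-wrapped.

    Each call to run_once() executes one named subtest and records the outcome
    in the job state under "client_status": either the string "Success" or a
    short error message. The subtests do not raise on failure; the reader of
    "client_status" (presumably the server-side half of this test -- confirm)
    decides pass or fail.
    """
    version = 1
    preserve_srcdir = True

    _CRYPTOHOME = '/usr/sbin/cryptohome'
    _TEST_FILE = '/home/chronos/user/TESTFILE'
    _TEST_CONTENT = 'TEST_CONTENT'

    # Disposable credentials for a local test account. The password is passed
    # to cryptohome on the command line, so it is visible to anything that can
    # list processes while the command runs; do not reuse this pattern with a
    # real credential.
    _TEST_USER = 'this_is_a_local_test_account@chromium.org'
    _TEST_PASSWORD = 'this_is_a_test_password'

    # The TPM is polled up to 20 times with a 10 second pause after each miss.
    _TPM_READY_POLLS = 20
    _TPM_READY_POLL_SECS = 10


    def __run_cmd(self, cmd):
        """Run cmd and return its combined stdout and stderr.

        The exit status is ignored, so callers judge success by looking for a
        marker string in the returned output. The appended redirection means
        cmd is interpreted by a shell: only pass command strings built from
        constants, never from externally supplied data.
        """
        return utils.system_output(cmd + ' 2>&1', retain_output=True,
                                   ignore_status=True)


    def __cryptohome(self, args):
        """Run the cryptohome client with the given argument string."""
        return self.__run_cmd(self._CRYPTOHOME + ' ' + args)


    def __wait_for_tpm_ready(self):
        """Poll tpm_status until cryptohome reports the TPM ready.

        Returns True as soon as "TPM Ready: true" appears in the output, or
        False once every poll has been used up.
        """
        for _ in range(self._TPM_READY_POLLS):
            if "TPM Ready: true" in self.__cryptohome("--action=tpm_status"):
                return True
            time.sleep(self._TPM_READY_POLL_SECS)
        return False


    def __mount_test_vault(self):
        """Wait for the TPM, then mount the test user's vault.

        Returns None on success, otherwise the error message to report.
        """
        if not self.__wait_for_tpm_ready():
            return "TPM never became ready"
        output = self.__cryptohome("--action=mount" +
                                   " --user=" + self._TEST_USER +
                                   " --password=" + self._TEST_PASSWORD)
        if "Mount succeeded" not in output:
            return "Cryptohome mount failed"
        return None


    def __unmount(self):
        """Unmount the currently mounted vault."""
        self.__cryptohome("--action=unmount")


    def __test_file_present(self):
        """Return True if the marker file in the mounted vault is readable
        and holds the marker content."""
        return self._TEST_CONTENT in self.__run_cmd("cat " + self._TEST_FILE)


    def __keyset_is_tpm_wrapped(self):
        """Return True if the dumped keyset for the test user is reported as
        TPM_WRAPPED, i.e. the vault key is bound to the current TPM owner."""
        output = self.__cryptohome("--action=dump_keyset --user=" +
                                   self._TEST_USER)
        return "TPM_WRAPPED" in output


    def __subtest_clear_tpm(self):
        """Clear the TPM. Always reports success."""
        # NOTE(review): the tool's output is not inspected here; a failed
        # clear would only show up indirectly in a later subtest.
        self.__run_cmd("/usr/sbin/tpm_clear --force")
        return None


    def __subtest_enable_tpm(self):
        """Re-enable the TPM after a clear. Always reports success."""
        # NOTE(review): as with clear_tpm, the output is not inspected.
        self.__run_cmd("/usr/bin/tpm_init_temp_fix")
        return None


    def __subtest_mount_cryptohome(self):
        """Create a fresh vault, drop a marker file in it and confirm the
        keyset is TPM-wrapped."""
        # Start from a clean slate so the vault is created against the
        # current TPM owner.
        self.__cryptohome("--action=remove --force --user=" + self._TEST_USER)
        error_msg = self.__mount_test_vault()
        if error_msg:
            return error_msg
        self.__run_cmd("echo " + self._TEST_CONTENT + " > " + self._TEST_FILE)
        # Read the marker back before unmounting. The later re-create check
        # passes when the marker is absent, so a write that silently failed
        # here would let that check pass without proving anything.
        marker_written = self.__test_file_present()
        self.__unmount()
        if not marker_written:
            return "Could not write test file to cryptohome"
        if not self.__keyset_is_tpm_wrapped():
            return 'Cryptohome did not create a TPM-wrapped keyset.'
        return None


    def __subtest_mount_cryptohome_after_reboot(self):
        """Confirm the vault still mounts and still holds the marker file when
        the TPM has not been cleared."""
        error_msg = self.__mount_test_vault()
        if error_msg:
            return error_msg
        marker_found = self.__test_file_present()
        self.__unmount()
        if not marker_found:
            return 'Cryptohome did not contain original test file'
        return None


    def __subtest_mount_cryptohome_check_recreate(self):
        """Confirm that after the TPM was cleared and re-owned the vault was
        re-created (marker file gone) with a new TPM-wrapped keyset."""
        error_msg = self.__mount_test_vault()
        if error_msg:
            return error_msg
        marker_found = self.__test_file_present()
        self.__unmount()
        if marker_found:
            # The old contents are still readable, so the old vault was
            # reused rather than re-created.
            return 'Cryptohome not re-created, found original test file'
        if not self.__keyset_is_tpm_wrapped():
            return 'Cryptohome did not create a TPM-wrapped keyset on reboot.'
        return None


    def run_once(self, subtest='None'):
        """Run one client subtest and record its result in "client_status".

        subtest is one of 'clear_tpm', 'enable_tpm', 'mount_cryptohome',
        'mount_cryptohome_after_reboot' or 'mount_cryptohome_check_recreate'.
        Any other value, including the default, is recorded as an error so
        that a "Success" left over from an earlier subtest is not mistaken
        for the result of this call.
        """
        logging.info("Running client subtest %s", subtest)
        handlers = {
            'clear_tpm': self.__subtest_clear_tpm,
            'enable_tpm': self.__subtest_enable_tpm,
            'mount_cryptohome': self.__subtest_mount_cryptohome,
            'mount_cryptohome_after_reboot':
                self.__subtest_mount_cryptohome_after_reboot,
            'mount_cryptohome_check_recreate':
                self.__subtest_mount_cryptohome_check_recreate,
        }
        handler = handlers.get(subtest)
        if handler is None:
            error_msg = "Unknown subtest: %s" % subtest
            logging.error(error_msg)
            self.job.set_state("client_status", error_msg)
            return
        error_msg = handler()
        self.job.set_state("client_status", error_msg or "Success")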
130