tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

selftests: tpm: upgrade TPM2 tests from Python 2 to Python 3

Python 2 is no longer supported by the Python upstream project, so
upgrade TPM2 tests to Python 3.

Fixed minor merge conflicts
Shuah Khan <skhan@linuxfoundation.org>

Signed-off-by: Pengfei Xu <pengfei.xu@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>

authored by

Pengfei Xu and committed by
Shuah Khan 0b78c9e8 377ff830

+52 -49
+2 -2
tools/testing/selftests/tpm2/test_smoke.sh
··· 6 6 7 7 [ -e /dev/tpm0 ] || exit $ksft_skip 8 8 9 - python -m unittest -v tpm2_tests.SmokeTest 10 - python -m unittest -v tpm2_tests.AsyncTest 9 + python3 -m unittest -v tpm2_tests.SmokeTest 10 + python3 -m unittest -v tpm2_tests.AsyncTest
+1 -1
tools/testing/selftests/tpm2/test_space.sh
··· 6 6 7 7 [ -e /dev/tpmrm0 ] || exit $ksft_skip 8 8 9 - python -m unittest -v tpm2_tests.SpaceTest 9 + python3 -m unittest -v tpm2_tests.SpaceTest
+29 -27
tools/testing/selftests/tpm2/tpm2.py
··· 247 247 class AuthCommand(object): 248 248 """TPMS_AUTH_COMMAND""" 249 249 250 - def __init__(self, session_handle=TPM2_RS_PW, nonce='', session_attributes=0, 251 - hmac=''): 250 + def __init__(self, session_handle=TPM2_RS_PW, nonce=bytes(), 251 + session_attributes=0, hmac=bytes()): 252 252 self.session_handle = session_handle 253 253 self.nonce = nonce 254 254 self.session_attributes = session_attributes 255 255 self.hmac = hmac 256 256 257 - def __str__(self): 257 + def __bytes__(self): 258 258 fmt = '>I H%us B H%us' % (len(self.nonce), len(self.hmac)) 259 259 return struct.pack(fmt, self.session_handle, len(self.nonce), 260 260 self.nonce, self.session_attributes, len(self.hmac), ··· 268 268 class SensitiveCreate(object): 269 269 """TPMS_SENSITIVE_CREATE""" 270 270 271 - def __init__(self, user_auth='', data=''): 271 + def __init__(self, user_auth=bytes(), data=bytes()): 272 272 self.user_auth = user_auth 273 273 self.data = data 274 274 275 - def __str__(self): 275 + def __bytes__(self): 276 276 fmt = '>H%us H%us' % (len(self.user_auth), len(self.data)) 277 277 return struct.pack(fmt, len(self.user_auth), self.user_auth, 278 278 len(self.data), self.data) ··· 296 296 return '>HHIH%us%usH%us' % \ 297 297 (len(self.auth_policy), len(self.parameters), len(self.unique)) 298 298 299 - def __init__(self, object_type, name_alg, object_attributes, auth_policy='', 300 - parameters='', unique=''): 299 + def __init__(self, object_type, name_alg, object_attributes, 300 + auth_policy=bytes(), parameters=bytes(), 301 + unique=bytes()): 301 302 self.object_type = object_type 302 303 self.name_alg = name_alg 303 304 self.object_attributes = object_attributes ··· 306 305 self.parameters = parameters 307 306 self.unique = unique 308 307 309 - def __str__(self): 308 + def __bytes__(self): 310 309 return struct.pack(self.__fmt(), 311 310 self.object_type, 312 311 self.name_alg, ··· 344 343 345 344 def hex_dump(d): 346 345 d = [format(ord(x), '02x') for x in d] 347 - d = [d[i: i + 16] for i in xrange(0, len(d), 16)] 346 + d = [d[i: i + 16] for i in range(0, len(d), 16)] 348 347 d = [' '.join(x) for x in d] 349 348 d = os.linesep.join(d) 350 349 ··· 402 401 pcrsel_len = max((i >> 3) + 1, 3) 403 402 pcrsel = [0] * pcrsel_len 404 403 pcrsel[i >> 3] = 1 << (i & 7) 405 - pcrsel = ''.join(map(chr, pcrsel)) 404 + pcrsel = ''.join(map(chr, pcrsel)).encode() 406 405 407 406 fmt = '>HII IHB%us' % (pcrsel_len) 408 407 cmd = struct.pack(fmt, ··· 444 443 TPM2_CC_PCR_EXTEND, 445 444 i, 446 445 len(auth_cmd), 447 - str(auth_cmd), 446 + bytes(auth_cmd), 448 447 1, bank_alg, dig) 449 448 450 449 self.send_cmd(cmd) ··· 458 457 TPM2_RH_NULL, 459 458 TPM2_RH_NULL, 460 459 16, 461 - '\0' * 16, 460 + ('\0' * 16).encode(), 462 461 0, 463 462 session_type, 464 463 TPM2_ALG_NULL, ··· 473 472 474 473 for i in pcrs: 475 474 pcr = self.read_pcr(i, bank_alg) 476 - if pcr == None: 475 + if pcr is None: 477 476 return None 478 477 x += pcr 479 478 ··· 490 489 pcrsel = [0] * pcrsel_len 491 490 for i in pcrs: 492 491 pcrsel[i >> 3] |= 1 << (i & 7) 493 - pcrsel = ''.join(map(chr, pcrsel)) 492 + pcrsel = ''.join(map(chr, pcrsel)).encode() 494 493 495 494 fmt = '>HII IH%usIHB3s' % ds 496 495 cmd = struct.pack(fmt, ··· 498 497 struct.calcsize(fmt), 499 498 TPM2_CC_POLICY_PCR, 500 499 handle, 501 - len(dig), str(dig), 500 + len(dig), 501 + bytes(dig), 502 502 1, 503 503 bank_alg, 504 504 pcrsel_len, pcrsel) ··· 536 534 537 535 self.send_cmd(cmd) 538 536 539 - def create_root_key(self, auth_value = ''): 537 + def create_root_key(self, auth_value = bytes()): 540 538 attributes = \ 541 539 Public.FIXED_TPM | \ 542 540 Public.FIXED_PARENT | \ ··· 572 570 TPM2_CC_CREATE_PRIMARY, 573 571 TPM2_RH_OWNER, 574 572 len(auth_cmd), 575 - str(auth_cmd), 573 + bytes(auth_cmd), 576 574 len(sensitive), 577 - str(sensitive), 575 + bytes(sensitive), 578 576 len(public), 579 - str(public), 577 + bytes(public), 580 578 0, 0) 581 579 582 580 return struct.unpack('>I', self.send_cmd(cmd)[10:14])[0] ··· 589 587 attributes = 0 590 588 if not policy_dig: 591 589 attributes |= Public.USER_WITH_AUTH 592 - policy_dig = '' 590 + policy_dig = bytes() 593 591 594 592 auth_cmd = AuthCommand() 595 593 sensitive = SensitiveCreate(user_auth=auth_value, data=data) ··· 610 608 TPM2_CC_CREATE, 611 609 parent_key, 612 610 len(auth_cmd), 613 - str(auth_cmd), 611 + bytes(auth_cmd), 614 612 len(sensitive), 615 - str(sensitive), 613 + bytes(sensitive), 616 614 len(public), 617 - str(public), 615 + bytes(public), 618 616 0, 0) 619 617 620 618 rsp = self.send_cmd(cmd) ··· 637 635 TPM2_CC_LOAD, 638 636 parent_key, 639 637 len(auth_cmd), 640 - str(auth_cmd), 638 + bytes(auth_cmd), 641 639 blob) 642 640 643 641 data_handle = struct.unpack('>I', self.send_cmd(cmd)[10:14])[0] ··· 655 653 TPM2_CC_UNSEAL, 656 654 data_handle, 657 655 len(auth_cmd), 658 - str(auth_cmd)) 656 + bytes(auth_cmd)) 659 657 660 658 try: 661 659 rsp = self.send_cmd(cmd) ··· 677 675 TPM2_CC_DICTIONARY_ATTACK_LOCK_RESET, 678 676 TPM2_RH_LOCKOUT, 679 677 len(auth_cmd), 680 - str(auth_cmd)) 678 + bytes(auth_cmd)) 681 679 682 680 self.send_cmd(cmd) 683 681 ··· 695 693 more_data, cap, cnt = struct.unpack('>BII', rsp[:9]) 696 694 rsp = rsp[9:] 697 695 698 - for i in xrange(0, cnt): 696 + for i in range(0, cnt): 699 697 handle = struct.unpack('>I', rsp[:4])[0] 700 698 handles.append(handle) 701 699 rsp = rsp[4:]
+20 -19
tools/testing/selftests/tpm2/tpm2_tests.py
··· 20 20 self.client.close() 21 21 22 22 def test_seal_with_auth(self): 23 - data = 'X' * 64 24 - auth = 'A' * 15 23 + data = ('X' * 64).encode() 24 + auth = ('A' * 15).encode() 25 25 26 26 blob = self.client.seal(self.root_key, data, auth, None) 27 27 result = self.client.unseal(self.root_key, blob, auth, None) ··· 30 30 def test_seal_with_policy(self): 31 31 handle = self.client.start_auth_session(tpm2.TPM2_SE_TRIAL) 32 32 33 - data = 'X' * 64 34 - auth = 'A' * 15 33 + data = ('X' * 64).encode() 34 + auth = ('A' * 15).encode() 35 35 pcrs = [16] 36 36 37 37 try: ··· 58 58 self.assertEqual(data, result) 59 59 60 60 def test_unseal_with_wrong_auth(self): 61 - data = 'X' * 64 62 - auth = 'A' * 20 61 + data = ('X' * 64).encode() 62 + auth = ('A' * 20).encode() 63 63 rc = 0 64 64 65 65 blob = self.client.seal(self.root_key, data, auth, None) 66 66 try: 67 - result = self.client.unseal(self.root_key, blob, auth[:-1] + 'B', None) 68 - except ProtocolError, e: 67 + result = self.client.unseal(self.root_key, blob, 68 + auth[:-1] + 'B'.encode(), None) 69 + except ProtocolError as e: 69 70 rc = e.rc 70 71 71 72 self.assertEqual(rc, tpm2.TPM2_RC_AUTH_FAIL) ··· 74 73 def test_unseal_with_wrong_policy(self): 75 74 handle = self.client.start_auth_session(tpm2.TPM2_SE_TRIAL) 76 75 77 - data = 'X' * 64 78 - auth = 'A' * 17 76 + data = ('X' * 64).encode() 77 + auth = ('A' * 17).encode() 79 78 pcrs = [16] 80 79 81 80 try: ··· 92 91 # This should succeed. 93 92 94 93 ds = tpm2.get_digest_size(tpm2.TPM2_ALG_SHA1) 95 - self.client.extend_pcr(1, 'X' * ds) 94 + self.client.extend_pcr(1, ('X' * ds).encode()) 96 95 97 96 handle = self.client.start_auth_session(tpm2.TPM2_SE_POLICY) 98 97 ··· 109 108 110 109 # Then, extend a PCR that is part of the policy and try to unseal. 111 110 # This should fail. 112 - self.client.extend_pcr(16, 'X' * ds) 111 + self.client.extend_pcr(16, ('X' * ds).encode()) 113 112 114 113 handle = self.client.start_auth_session(tpm2.TPM2_SE_POLICY) 115 114 ··· 120 119 self.client.policy_password(handle) 121 120 122 121 result = self.client.unseal(self.root_key, blob, auth, handle) 123 - except ProtocolError, e: 122 + except ProtocolError as e: 124 123 rc = e.rc 125 124 self.client.flush_context(handle) 126 125 except: ··· 131 130 132 131 def test_seal_with_too_long_auth(self): 133 132 ds = tpm2.get_digest_size(tpm2.TPM2_ALG_SHA1) 134 - data = 'X' * 64 135 - auth = 'A' * (ds + 1) 133 + data = ('X' * 64).encode() 134 + auth = ('A' * (ds + 1)).encode() 136 135 137 136 rc = 0 138 137 try: 139 138 blob = self.client.seal(self.root_key, data, auth, None) 140 - except ProtocolError, e: 139 + except ProtocolError as e: 141 140 rc = e.rc 142 141 143 142 self.assertEqual(rc, tpm2.TPM2_RC_SIZE) ··· 153 152 0xDEADBEEF) 154 153 155 154 self.client.send_cmd(cmd) 156 - except IOError, e: 155 + except IOError as e: 157 156 rejected = True 158 157 except: 159 158 pass ··· 213 212 self.client.tpm.write(cmd) 214 213 rsp = self.client.tpm.read() 215 214 216 - except IOError, e: 215 + except IOError as e: 217 216 # read the response 218 217 rsp = self.client.tpm.read() 219 218 rejected = True ··· 284 283 rc = 0 285 284 try: 286 285 space1.send_cmd(cmd) 287 - except ProtocolError, e: 286 + except ProtocolError as e: 288 287 rc = e.rc 289 288 290 289 self.assertEqual(rc, tpm2.TPM2_RC_COMMAND_CODE |