stefanberger / swtpm

Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface.

UnixIO socket file not created on macOS #641

Closed spikespaz closed 2 years ago

spikespaz commented 2 years ago

Describe the bug

I should expect the socket file specified to be created in the directory specified, but instead, no file is created and the terminal remains blank with no logging output.

To Reproduce

Steps to reproduce the behavior:

  1. Compile libtpms on macOS
  2. Run make tests
  3. Compile swtpm on macOS
  4. Run make tests
  5. mkdir /tmp/emulated_tpm/
  6. Run the following command:
    swtpm socket --tpmstate dir=/tmp/emulated_tpm/ --ctrl type=unixio,path=/tmp/emulated_tpm/swtpm-sock --log level=20 --tpm2 -t

Expected behavior

I should expect the socket file specified to be created in the directory specified, but instead, no file is created and the terminal remains blank with no logging output.

Desktop (please complete the following information):

Versions of relevant components

Log files

There are no log files (AFAIK).

stefanberger commented 2 years ago

It works fine for me and also Unix socket related tests work fine, which wouldn't work if Unix sockets weren't created. Maybe the additional -t on your command line's end causes the issue.

spikespaz commented 2 years ago

I tried without. I am wondering if it's Apple's quarantine xattr? What are your related settings?

stefanberger commented 2 years ago

I don't think it has anything to do with xattr. I am not aware of any special setting, but -t means terminate after connection loss, and this is what may be happening here: it terminates on you after the first connection, even a connection via the control channel, is lost.
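
A check for the symptom reported in this issue, written as an added example (not code from swtpm or from anyone in this thread): it classifies the control socket path and, because -t is described above as terminating swtpm after a connection is lost, it only connects when asked. The function name ctrl_socket_state and the in-process listener standing in for swtpm are assumptions made for the example.

```python
import os
import socket
import stat
import tempfile


def ctrl_socket_state(path, connect=False):
    """Classify a UnixIO control socket path; stat-only unless connect=True.

    Returns "missing", "not-a-socket", "present", "listening" or "stale".
    """
    try:
        mode = os.lstat(path).st_mode
    except FileNotFoundError:
        return "missing"            # the symptom from the issue title
    if not stat.S_ISSOCK(mode):
        return "not-a-socket"       # e.g. a regular file left at that path
    if not connect:
        return "present"            # file exists; no connection was made
    probe = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    probe.settimeout(1.0)
    try:
        probe.connect(path)         # closing this counts as a lost connection
        return "listening"
    except (ConnectionRefusedError, socket.timeout):
        return "stale"              # socket file exists, nothing accepts on it
    finally:
        probe.close()


def demo():
    """Exercise each state with a constructed listener standing in for swtpm."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "swtpm-sock")
        results["before_start"] = ctrl_socket_state(path)
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
        srv.listen(1)
        results["stat_only"] = ctrl_socket_state(path)
        results["connected"] = ctrl_socket_state(path, connect=True)
        srv.close()                 # listener gone, socket file left behind
        results["after_exit"] = ctrl_socket_state(path, connect=True)
        plain = os.path.join(d, "plain-file")
        open(plain, "w").close()
        results["regular_file"] = ctrl_socket_state(plain)
    return results


if __name__ == "__main__":
    for case, state in demo().items():
        print(f"{case}: {state}")
```
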

spikespaz commented 2 years ago

> I tried without. I am wondering if it's Apple's quarantine xattr? What are your related settings?

I have already tried it without -t.

spikespaz commented 2 years ago

I have created a Homebrew tap so that you can attempt to reproduce my issue. Try updating all your dependencies and installing swtpm from here: https://github.com/spikespaz/homebrew-jacob

brew update
brew upgrade
brew tap spikespaz/jacob
brew install swtpm
which swtpm

This should help bring our machines to parity.

Also, make sure to use Homebrew from /opt/homebrew. You could be using Rosetta and compiling for x86_64.

stefanberger commented 2 years ago

I shouldn't have to install this from your repo. I compiled from the same sources as you did and it should lead to the same result.

Does this test also pass for you with unix+unix? You ran make test it sounds like, so it should work.

$ cd tests/
$ ./test_tpm2_locality
[...]
==== Starting swtpm with interfaces socket+socket ====
Locality outside valid range of [0..4].
OK
==== Starting swtpm with interfaces socket+unix ====
Locality outside valid range of [0..4].
OK
==== Starting swtpm with interfaces unix+unix ====
Locality outside valid range of [0..4].
OK

spikespaz commented 2 years ago

A number of issues with your assumption that we get the same binary. Are your formulae up-to-date? Are you sure that we are using the same environment variables? One of ours may be polluted. Are you sure your compilation environment isn't using Rosetta by default?

I agree, if the make tests pass, it should work. But it doesn't. That is the exact reason we are troubleshooting right now.

spikespaz commented 2 years ago

I am now testing using Rosetta 2 to remove that potential discontinuity.

$ arch -x86_64 /usr/local/brew tap spikespaz/jacob
$ arch -x86_64 /usr/local/brew install --interactive swtpm
$ arch -x86_64 ./autogen.sh --prefix=/usr/local/ --with-openssl
$ cd tests/
$ arch -x86_64 ./test_tpm2_locality
Need Linux to run test with CUSE interface.
Need Linux to run test with CUSE interface.
==== Starting swtpm with interfaces socket+socket ====
swtpm: Data client disconnected
Locality outside valid range of [0..4].
OK
==== Starting swtpm with interfaces socket+unix ====
swtpm: Data client disconnected
Locality outside valid range of [0..4].
OK
==== Starting swtpm with interfaces unix+unix ====
Locality outside valid range of [0..4].
swtpm: Data client disconnected
swtpm: Data client disconnected
swtpm: Data client disconnected
swtpm: Data client disconnected
swtpm: Data client disconnected
OK
$ arch -x86_64 make -j4 check >> ~/Desktop/swtpm-make-check.log

swtpm-make-check.log

spikespaz commented 2 years ago

I am getting the exact same results without using arch -x86_64.

spikespaz commented 2 years ago

Does any part of these two libraries use OpenSSL 1.1? Because I have some links to OpenSSL 1.1 showing here.

spikespaz commented 2 years ago

Well, it started working. No idea why.