add uart CI test

JacobBarthelmeh · JacobBarthelmeh · commit 5f49d6588d2b · 2026-01-21T16:43:57.000-07:00
diff --git a/.github/workflows/test-uart-swtpm.yml b/.github/workflows/test-uart-swtpm.yml
@@ -0,0 +1,260 @@
+name: Test UART Communication with SWTPM
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ 'master', 'main', 'release/**' ]
+  workflow_dispatch:
+
+jobs:
+  test-uart-swtpm:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Install basic dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y \
+          automake \
+          autotools-dev \
+          libtool \
+          pkg-config \
+          gcc \
+          make \
+          git \
+          socat \
+          strace \
+          acl
+
+    - name: Install swtpm
+      run: |
+        sudo apt-get install -y swtpm swtpm-tools
+
+    - name: Setup wolfSSL
+      uses: actions/checkout@v4
+      with:
+        repository: wolfssl/wolfssl
+        path: wolfssl
+
+    - name: Build wolfSSL
+      working-directory: ./wolfssl
+      run: |
+        ./autogen.sh
+        ./configure --enable-wolftpm --prefix=$PWD/../wolfssl-install
+        make -j$(nproc)
+        make install
+
+    - name: Create virtual UART pair
+      id: uart
+      run: |
+        echo "=== Debug: Current user and groups ==="
+        id
+        whoami
+        groups
+
+        echo "=== Debug: /dev/pts mount and permissions ==="
+        mount | grep pts || true
+        ls -la /dev/pts/ || true
+        cat /proc/mounts | grep pts || true
+
+        # Create a PTY pair for UART simulation using socat
+        # This creates two pseudo-terminals that are connected
+        # One end will be used by swtpm (server side)
+        # The other end will be used by wolfTPM (client side, as UART device)
+        socat -d -d pty,raw,echo=0,link=/tmp/tpm-uart-server pty,raw,echo=0,link=/tmp/tpm-uart-client &
+        SOCAT_PID=$!
+        echo $SOCAT_PID > /tmp/socat.pid
+        sleep 2
+
+        # Get the actual PTY device names
+        SERVER_PTY=$(readlink -f /tmp/tpm-uart-server)
+        CLIENT_PTY=$(readlink -f /tmp/tpm-uart-client)
+
+        echo "server_pty=$SERVER_PTY" >> $GITHUB_OUTPUT
+        echo "client_pty=$CLIENT_PTY" >> $GITHUB_OUTPUT
+
+        echo "=== Debug: PTY details ==="
+        echo "Server PTY (for swtpm): $SERVER_PTY"
+        echo "Client PTY (for wolfTPM): $CLIENT_PTY"
+
+        # Detailed PTY info
+        ls -la $SERVER_PTY $CLIENT_PTY || exit 1
+        stat $SERVER_PTY $CLIENT_PTY || true
+
+        # Check if we can actually read/write to PTYs
+        echo "=== Debug: Testing PTY access ==="
+        test -r $SERVER_PTY && echo "Server PTY is readable" || echo "Server PTY NOT readable"
+        test -w $SERVER_PTY && echo "Server PTY is writable" || echo "Server PTY NOT writable"
+        test -r $CLIENT_PTY && echo "Client PTY is readable" || echo "Client PTY NOT readable"
+        test -w $CLIENT_PTY && echo "Client PTY is writable" || echo "Client PTY NOT writable"
+
+        # Check getfacl if available
+        echo "=== Debug: ACLs (if available) ==="
+        getfacl $SERVER_PTY 2>/dev/null || echo "getfacl not available"
+
+        # Check socat process
+        echo "=== Debug: socat process ==="
+        ps aux | grep socat | grep -v grep || true
+
+    - name: Start swtpm with chardev (UART)
+      run: |
+        SERVER_PTY="${{ steps.uart.outputs.server_pty }}"
+        mkdir -p /tmp/swtpm-state
+
+        echo "=== Debug: Pre-swtpm checks ==="
+        echo "SERVER_PTY=$SERVER_PTY"
+        ls -la $SERVER_PTY
+        stat $SERVER_PTY
+
+        echo "=== Debug: Current user context ==="
+        id
+
+        echo "=== Debug: Try to open PTY with dd (test access) ==="
+        timeout 1 dd if=$SERVER_PTY of=/dev/null bs=1 count=0 2>&1 || echo "dd read test completed (may timeout, that's ok)"
+
+        echo "=== Debug: Check /dev/pts mount options ==="
+        cat /proc/mounts | grep devpts
+
+        echo "=== Debug: swtpm version and help ==="
+        swtpm --version || true
+        swtpm chardev --help 2>&1 | head -20 || true
+
+        echo "=== Debug: Starting swtpm with strace (if available) ==="
+        # Try with strace first to see exact syscall failure
+        if command -v strace &> /dev/null; then
+          strace -f -e trace=open,openat,access -o /tmp/swtpm_strace.log swtpm chardev \
+            --tpm2 \
+            --tpmstate dir=/tmp/swtpm-state \
+            --chardev $SERVER_PTY \
+            --flags not-need-init \
+            --log level=20 &
+          SWTPM_PID=$!
+          sleep 3
+          echo "=== Debug: strace output ==="
+          cat /tmp/swtpm_strace.log || true
+        else
+          echo "strace not available, running without it"
+          swtpm chardev \
+            --tpm2 \
+            --tpmstate dir=/tmp/swtpm-state \
+            --chardev $SERVER_PTY \
+            --flags not-need-init \
+            --log level=20 &
+          SWTPM_PID=$!
+          sleep 3
+        fi
+
+        echo $SWTPM_PID > /tmp/swtpm.pid
+
+        echo "=== Debug: Check if swtpm is running ==="
+        ps aux | grep swtpm | grep -v grep
+
+        # Check for any error output
+        echo "=== Debug: Check dmesg for PTY errors ==="
+        dmesg | tail -20 2>/dev/null || echo "Cannot read dmesg"
+
+        # Verify swtpm is running
+        if ! ps aux | grep swtpm | grep -v grep > /dev/null; then
+          echo "ERROR: swtpm failed to start!"
+          echo "=== Attempting alternative: test simple chardev open ==="
+          # Try a simple C program to open the device
+          cat > /tmp/test_open.c << 'CEOF'
+        #include <stdio.h>
+        #include <fcntl.h>
+        #include <errno.h>
+        #include <string.h>
+        int main(int argc, char *argv[]) {
+            if (argc < 2) return 1;
+            int fd = open(argv[1], O_RDWR | O_NOCTTY);
+            if (fd < 0) {
+                printf("open(%s) failed: %s (errno=%d)\n", argv[1], strerror(errno), errno);
+                return 1;
+            }
+            printf("open(%s) succeeded, fd=%d\n", argv[1], fd);
+            close(fd);
+            return 0;
+        }
+        CEOF
+          gcc -o /tmp/test_open /tmp/test_open.c
+          /tmp/test_open $SERVER_PTY
+          exit 1
+        fi
+
+    - name: Build wolfTPM with UART support
+      env:
+        CLIENT_PTY: ${{ steps.uart.outputs.client_pty }}
+      run: |
+        cd ${{ github.workspace }}
+        ./autogen.sh
+        # Set UART device path and baud rate via CFLAGS
+        # The device path needs to be properly quoted in the C define
+        export CFLAGS="-DTPM2_SWTPM_HOST=\\\"$CLIENT_PTY\\\" -DTPM2_SWTPM_PORT=115200"
+        echo "Building with UART device: $CLIENT_PTY"
+        ./configure \
+          --enable-swtpm=uart \
+          --with-wolfcrypt=$PWD/../wolfssl-install
+        make -j$(nproc)
+
+    - name: Verify UART setup
+      env:
+        CLIENT_PTY: ${{ steps.uart.outputs.client_pty }}
+        SERVER_PTY: ${{ steps.uart.outputs.server_pty }}
+      run: |
+        echo "Verifying UART setup..."
+        echo "Client PTY: $CLIENT_PTY"
+        echo "Server PTY: $SERVER_PTY"
+        
+        # Verify PTYs are still accessible
+        [ -c "$CLIENT_PTY" ] || (echo "Client PTY not found!" && exit 1)
+        [ -c "$SERVER_PTY" ] || (echo "Server PTY not found!" && exit 1)
+        
+        # Verify swtpm is still running
+        ps aux | grep swtpm | grep -v grep || (echo "swtpm not running!" && exit 1)
+        
+        echo "UART setup verified successfully"
+
+    - name: Run UART communication test
+      env:
+        CLIENT_PTY: ${{ steps.uart.outputs.client_pty }}
+      run: |
+        cd ${{ github.workspace }}
+        
+        # Build the caps example
+        cd examples/wrap
+        make caps
+        
+        echo "Running UART communication test..."
+        echo "Using UART device: $CLIENT_PTY"
+        
+        # Run the test with a timeout
+        # The test should connect to the PTY as if it were a UART device
+        timeout 30 ./caps || {
+          echo "Test failed!"
+          echo "Checking if swtpm is still running..."
+          ps aux | grep swtpm | grep -v grep || echo "swtpm is not running"
+          exit 1
+        }
+        
+        echo "UART communication test passed!"
+
+    - name: Cleanup
+      if: always()
+      run: |
+        # Kill swtpm
+        if [ -f /tmp/swtpm.pid ]; then
+          kill $(cat /tmp/swtpm.pid) 2>/dev/null || true
+          # Also try to kill any remaining swtpm processes
+          pkill -f "swtpm chardev" 2>/dev/null || true
+        fi
+        
+        # Kill socat PTY pair
+        if [ -f /tmp/socat.pid ]; then
+          kill $(cat /tmp/socat.pid) 2>/dev/null || true
+        fi
+        
+        # Clean up PTY links
+        rm -f /tmp/tpm-uart-server /tmp/tpm-uart-client
diff --git a/src/tpm2_swtpm.c b/src/tpm2_swtpm.c
@@ -47,9 +47,14 @@
 #ifdef WOLFTPM_ZEPHYR
 #include <zephyr/posix/unistd.h>
 #include <zephyr/net/socket.h>
+#include <zephyr/posix/sys/select.h>
 #elif defined(HAVE_UNISTD_H)
 #include <unistd.h>
 #endif
+/* select() is used for TCP socket mode, not UART mode */
+#if !defined(WOLFTPM_ZEPHYR) && !defined(WOLFTPM_SWTPM_UART) && !defined(WOLFTPM_SWTPM_UARTNS550)
+#include <sys/select.h>
+#endif
 #include <errno.h>
 #include <string.h>                 /* necessary for memset */
 #include <stdio.h>                  /* standard in/out procedures */
diff --git a/wolftpm/tpm2_types.h b/wolftpm/tpm2_types.h
@@ -298,9 +298,11 @@ typedef int64_t  INT64;
 
 /* Helper to convert macro to string */
 #ifndef XSTRINGIFY
-#define XSTRINGIFY(s) STRINGIFY(s)
+#ifndef STRINGIFY
 #define STRINGIFY(s)  #s
 #endif
+#define XSTRINGIFY(s) STRINGIFY(s)
+#endif
 
 /* ---------------------------------------------------------------------------*/
 /* TPM HARDWARE TYPE */
