1*8617a60dSAndroid Build Coastguard Worker#!/bin/bash -e 2*8617a60dSAndroid Build Coastguard Worker# 3*8617a60dSAndroid Build Coastguard Worker# Copyright 2010 The ChromiumOS Authors 4*8617a60dSAndroid Build Coastguard Worker# Use of this source code is governed by a BSD-style license that can be 5*8617a60dSAndroid Build Coastguard Worker# found in the LICENSE file. 6*8617a60dSAndroid Build Coastguard Worker 7*8617a60dSAndroid Build Coastguard Worker# Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its 8*8617a60dSAndroid Build Coastguard Worker# behavior. 9*8617a60dSAndroid Build Coastguard Worker 10*8617a60dSAndroid Build Coastguard Workerif [ -f /sys/class/misc/tpm0/device/owned ]; then 11*8617a60dSAndroid Build Coastguard Worker owned=$(cat /sys/class/misc/tpm0/device/owned) 12*8617a60dSAndroid Build Coastguard Workerelse 13*8617a60dSAndroid Build Coastguard Worker owned=$(cat /sys/class/tpm/tpm0/device/owned) 14*8617a60dSAndroid Build Coastguard Workerfi 15*8617a60dSAndroid Build Coastguard Workerif [ "$owned" = "" ]; then 16*8617a60dSAndroid Build Coastguard Worker echo "TPM is not functional" 17*8617a60dSAndroid Build Coastguard Worker exit 1 18*8617a60dSAndroid Build Coastguard Workerfi 19*8617a60dSAndroid Build Coastguard Workerif [ "$owned" = "0" ]; then 20*8617a60dSAndroid Build Coastguard Worker echo "please use random, non-empty passwords" 21*8617a60dSAndroid Build Coastguard Worker tpm_takeownership || exit 1 22*8617a60dSAndroid Build Coastguard Workerfi 23*8617a60dSAndroid Build Coastguard Worker 24*8617a60dSAndroid Build Coastguard Workerattempts=0 25*8617a60dSAndroid Build Coastguard Workermax=1 26*8617a60dSAndroid Build Coastguard Workere=/tmp/x$$ 27*8617a60dSAndroid Build Coastguard Worker 28*8617a60dSAndroid Build Coastguard Workerwhile true; do 29*8617a60dSAndroid Build Coastguard Worker attempts=$(( $attempts + 1 )) 30*8617a60dSAndroid Build Coastguard Worker before=$(date +%s) 31*8617a60dSAndroid Build Coastguard Worker defending=1 32*8617a60dSAndroid Build Coastguard Worker while [ $defending -eq 1 ]; do 33*8617a60dSAndroid Build Coastguard Worker if tpm_getpubek -z 2> $e; then 34*8617a60dSAndroid Build Coastguard Worker echo "unexpected success of tpm_getpubek" 35*8617a60dSAndroid Build Coastguard Worker exit 1 36*8617a60dSAndroid Build Coastguard Worker fi 37*8617a60dSAndroid Build Coastguard Worker if grep -q communication $e; then 38*8617a60dSAndroid Build Coastguard Worker echo "communication failure" 39*8617a60dSAndroid Build Coastguard Worker exit 1 40*8617a60dSAndroid Build Coastguard Worker fi 41*8617a60dSAndroid Build Coastguard Worker if ! grep -q dictionary $e; then 42*8617a60dSAndroid Build Coastguard Worker defending=0 43*8617a60dSAndroid Build Coastguard Worker fi 44*8617a60dSAndroid Build Coastguard Worker done 45*8617a60dSAndroid Build Coastguard Worker after=$(date +%s) 46*8617a60dSAndroid Build Coastguard Worker elapsed=$(( $after - $before )) 47*8617a60dSAndroid Build Coastguard Worker if [ $elapsed -gt $max ]; then 48*8617a60dSAndroid Build Coastguard Worker echo delay of $elapsed seconds after $attempts attempts 49*8617a60dSAndroid Build Coastguard Worker max=$elapsed 50*8617a60dSAndroid Build Coastguard Worker fi 51*8617a60dSAndroid Build Coastguard Workerdone 52