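#!/bin/sh

# Initialises the TPM on this node and exports the public part of the
# primary key, then records the outcome in tpm_status.yaml.
#
# Required environment (must be provided by whatever launches this script):
#   ABRMD_DATA     - location of the shared volume
#   TPM_NODE_NAME  - name of this node
#
# Outputs (inside ${ABRMD_DATA}/host_${TPM_NODE_NAME}):
#   out_parent_public - public portion of the TPM primary key
#   tpm_status.yaml   - "flag:" / "error:" lines; flag is 1 on success, 0 on failure
#
# Exit status: 0 on success, 1 on any failure.

# Abort early instead of silently operating on "/host_" when a variable is missing.
: "${ABRMD_DATA:?ABRMD_DATA must be set}"
: "${TPM_NODE_NAME:?TPM_NODE_NAME must be set}"

# The node name becomes a path component on the shared volume; a '/' in it
# would let the output land outside the intended per-host directory.
case "${TPM_NODE_NAME}" in
  */*)
    echo "TPM_NODE_NAME must not contain '/'" >&2
    exit 1
    ;;
esac

echo "Shared Volume location is $ABRMD_DATA"
echo "Node name is $TPM_NODE_NAME"

# Append the current flag/error pair to the status file.
# NOTE: this appends (>>), so repeated runs accumulate entries in the file.
write_status() {
  printf 'flag:%s\n' "${flag}" >> "${WORKDIR}/tpm_status.yaml"
  printf 'error:%s\n' "${error}" >> "${WORKDIR}/tpm_status.yaml"
}

# Record a failure ($1 = message) in the status file and exit with status 1.
fail() {
  error="$1"
  flag="0"
  echo
  echo "Error, Exit."
  echo "${error}"
  write_status
  exit 1
}

# 1. Create the directory with the host's name to store the output of Init tool
#    This demarcates the generated files which are specific to this host's TPM
WORKDIR="${ABRMD_DATA}/host_${TPM_NODE_NAME}"
mkdir -p -- "${WORKDIR}" || exit 1
# Stop here if the directory is unusable: the rm below must not run elsewhere.
cd -- "${WORKDIR}" || exit 1

# 2. Create initial Flag values which are reset upon failure
error="NULL"
flag="1"

# /abrmd/cred will contain srk_handle and tpm owner hierarchy password
# provided by the admin of the TPM node
SRKHANDLE="$(base64 -d < /abrmd/cred/srk_handle)" || fail "Reading SRK handle failed"
if [ -z "${SRKHANDLE}" ]; then
  fail "SRK handle is empty"
fi

# 3. TPM Startup
echo "tpm2_startup --clear -T device --verbose"
if ! tpm2_startup --clear -T device -V; then
  fail "TPM Startup failed"
fi
echo ""

# 4. Read public portion of TPM primary key with stored handle
#    It is expected that the Admin would have created this already
#    using the create_primary.sh script
rm -f out_parent_public
echo "tpm2_readpublic -H ${SRKHANDLE} --opu out_parent_public -T device -V"
# The handle is quoted so the decoded file content is always passed as a
# single argument and cannot be split into extra options.
if ! tpm2_readpublic -H "${SRKHANDLE}" --opu out_parent_public -T device -V; then
  fail "Error:Reading Public part of Primary Key failed"
fi
echo ""

# 5. Update the tpm_status.yaml to report the status of this Script
write_status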