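---
# CI for the TLCL examples: each example is built and run against a software
# TPM (swtpm) reached through the kernel vTPM proxy, once per TPM version.
name: tlcl_examples

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

# Least privilege for GITHUB_TOKEN: the job only needs to read the repository.
# Without this block the token falls back to the repository/organisation
# default, which may include write scopes.
permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      # Let every matrix cell finish so one failing example does not hide others.
      fail-fast: false
      matrix:
        example:
          - tlcl_clear
          - tlcl_read
          - tlcl_read_with_offset
          - tlcl_write
          - tlcl_write_with_offset
          - tlcl_define_and_undefine
        tpm_version:
          - tpm1_2
          - tpm2_0
    steps:
      # NOTE(review): `v4` is a mutable tag; consider pinning to a full commit SHA.
      - uses: actions/checkout@v4
        with:
          # Later steps run repository scripts and binaries under sudo, also for
          # pull requests; do not leave the token in .git/config for them.
          persist-credentials: false

      - name: install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y swtpm swtpm-tools tmux

      - name: prepare vTPM proxy
        id: vtpm
        run: |
          sudo bash scripts/build_vtpm.sh
          if [[ ! -e /dev/vtpmx ]]; then
            sudo modprobe tpm_vtpm_proxy || true
          fi
          if [[ ! -e /dev/vtpmx ]]; then
            echo "/dev/vtpmx is unavailable on this runner"
            echo "swtpm --vtpm-proxy needs tpm_vtpm_proxy"
            echo "available=false" >> "$GITHUB_OUTPUT"
            # Deliberate soft skip: the step succeeds and every later step is
            # gated on the `available` output instead of on a step failure.
            exit 0
          fi
          echo "available=true" >> "$GITHUB_OUTPUT"

      - name: start tpm simulator
        if: steps.vtpm.outputs.available == 'true'
        env:
          # Passed through the environment instead of being expanded into the
          # script text, so the value is never parsed as shell source.
          TPM_VERSION: ${{ matrix.tpm_version }}
        run: |
          TPM_LOG="$RUNNER_TEMP/tpm-${TPM_VERSION}.log"
          if [[ "$TPM_VERSION" == "tpm1_2" ]]; then
            tmux new-session -d -s tpm-sim "bash \"$GITHUB_WORKSPACE/scripts/start_tpm1.sh\" > \"$TPM_LOG\" 2>&1"
          else
            tmux new-session -d -s tpm-sim "bash \"$GITHUB_WORKSPACE/scripts/start_tpm2.sh\" > \"$TPM_LOG\" 2>&1"
          fi
          # Wait up to 30 seconds for a /dev/tpmN node to appear.
          for _ in $(seq 1 30); do
            if compgen -G '/dev/tpm[0-9]*' > /dev/null; then
              break
            fi
            sleep 1
          done
          if ! compgen -G '/dev/tpm[0-9]*' > /dev/null; then
            echo "no tpm dev found after waiting"
            echo "--| START TPM LOG |--"
            cat "$TPM_LOG"
            echo "--| END TPM LOG |--"
            exit 1
          fi

      - name: prep tpm with required NV space(s)
        if: steps.vtpm.outputs.available == 'true'
        env:
          TPM_VERSION: ${{ matrix.tpm_version }}
        run: |
          # Use the highest-numbered /dev/tpmN node.
          # NOTE(review): this assumes the simulator owns that node; confirm.
          TPM_DEV=$(ls /dev/tpm[0-9]* 2>/dev/null | sort -V | tail -n 1)
          if [[ -z "$TPM_DEV" ]]; then
            echo "no tpm found in /dev."
            tmux capture-pane -pt tpm-sim || true
            exit 1
          fi
          echo "tpm dev: $TPM_DEV"
          cargo build --example tlcl_kernver --features tlcl --features "$TPM_VERSION"
          sudo ./target/debug/examples/tlcl_kernver --tpm-path "$TPM_DEV" --verbose

      - name: run example
        if: steps.vtpm.outputs.available == 'true'
        env:
          EXAMPLE: ${{ matrix.example }}
          TPM_VERSION: ${{ matrix.tpm_version }}
        run: |
          TPM_DEV=$(ls /dev/tpm[0-9]* 2>/dev/null | sort -V | tail -n 1)
          if [[ -z "$TPM_DEV" ]]; then
            echo "no tpm found in /dev."
            tmux capture-pane -pt tpm-sim || true
            exit 1
          fi
          echo "tpm dev: $TPM_DEV"
          TPM_PATH="$TPM_DEV" cargo build --example "$EXAMPLE" \
            --features tlcl \
            --features "$TPM_VERSION"
          sudo "./target/debug/examples/$EXAMPLE" --tpm-path "$TPM_DEV" --verbose

      - name: explain skip
        if: steps.vtpm.outputs.available != 'true'
        run: |
          echo "skipping because /dev/vtpmx is unavailable on this runner"
          # The matrix cell still reports success although no example ran;
          # surface that as an annotation so a green check is not read as coverage.
          echo "::warning::skipping because /dev/vtpmx is unavailable on this runner"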