swtpm: Search for all state files and use abstracted names in JSON

Search for all the state files not just the permanent state and
when printing the JSON use the abstracted names rather than concrete
filenames that are only valid for the dir backend but will likely
not exist in other backends.

Adjust swtpm_setup to search for the abstracted name and also
adjust the error message to print out the abstracted name.

Adjust the test cases.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

src/swtpm/swtpm_nvstore.c

@@ -1315,51 +1315,49 @@ TPM_RESULT SWTPM_NVRAM_SetStateBlob(unsigned char *data,
 }
 
 /* Example JSON output:
- *  { "type": "swtpm", "states":
- *    [ { "name": "tpm2-00.permall" } ]
+ *  { "type": "swtpm",
+ *    "states": [ "permall", "volatilestate", "savestate" ]
  *  }
  */
 int SWTPM_NVRAM_PrintJson(void)
 {
     TPM_RESULT rc = 0;
-    int ret = 0, n;
-    unsigned char *nvdata = NULL;
-    uint32_t tpm_number = 0;
-    char filename[FILENAME_MAX];
-    char *state_str = NULL;
-    const char *backend_uri = NULL;
-
-    if (rc == 0)
-        rc = SWTPM_NVRAM_GetFilenameForName(filename, sizeof(filename),
-                                            tpm_number, TPM_PERMANENT_ALL_NAME,
-                                            false);
-    if (rc == 0)
-        rc = SWTPM_NVRAM_Init();
+    const char *backend_uri;
+    const char *states[] = {
+        TPM_PERMANENT_ALL_NAME,
+        TPM_VOLATILESTATE_NAME,
+        TPM_SAVESTATE_NAME,
+    };
+    char state_str[128] = "";
+    size_t i, n, o;
+    int ret = -1;
 
+    rc = SWTPM_NVRAM_Init();
     if (rc == 0) {
+        o = 0;
         backend_uri = tpmstate_get_backend_uri();
-        rc = g_nvram_backend_ops->check_state(backend_uri, TPM_PERMANENT_ALL_NAME);
-        if (rc == TPM_SUCCESS) {
-            n = asprintf(&state_str, " { \"name\": \"%s\" } ", filename);
-            if (n < 0) {
-                logprintf(STDERR_FILENO, "Out of memory\n");
-                state_str = NULL;
-                ret = -1;
-                goto cleanup;
+
+        for (i = 0; i < ARRAY_LEN(states); i++) {
+            rc = g_nvram_backend_ops->check_state(backend_uri, states[i]);
+            if (rc == TPM_SUCCESS) {
+                n = snprintf(&state_str[o], sizeof(state_str) - o,
+                             "%s \"%s\"",
+                             (o > 0) ? "," : "",
+                             states[i]);
+                if (n >= sizeof(state_str) - o)
+                    goto exit;
+                o += n;
+            } else if (rc != TPM_RETRY) {
+                /* Error other than ENOENT */
+                goto exit;
             }
-        } else if (rc != TPM_RETRY) {
-            /* Error other than ENOENT */
-            ret = -1;
-            goto cleanup;
         }
+        printf("{ \"type\": \"swtpm\", \"states\": [%s%s] }",
+               state_str,  (o > 0) ? " ": "");
+        ret = 0;
+    }
 
-        printf("{ \"type\": \"swtpm\", \"states\": [%s] }", state_str ? state_str : "");
-    } else
-        ret = -1;
-
-cleanup:
-    free(state_str);
-    free(nvdata);
+exit:
 
     return ret;
 }

src/swtpm_setup/swtpm_setup.c

@@ -29,6 +29,8 @@
 #include <glib-object.h>
 #include <json-glib/json-glib.h>
 
+#include <libtpms/tpm_nvfilename.h>
+
 #include "swtpm.h"
 #include "swtpm_setup_conf.h"
 #include "swtpm_setup_utils.h"
@@ -696,7 +698,6 @@ static int init_tpm(unsigned long flags, gchar **swtpm_prg_l, const gchar *confi
 static int check_state_overwrite(gchar **swtpm_prg_l, unsigned int flags,
                                  const char *tpm_state_path)
 {
-    const char *statefile;
     gboolean success;
     g_autofree gchar *standard_output = NULL;
     int exit_status = 0;
@@ -712,11 +713,8 @@ static int check_state_overwrite(gchar **swtpm_prg_l, unsigned int flags,
                                 NULL
                             }, NULL, FALSE);
 
-    if (flags & SETUP_TPM2_F) {
-        statefile = "tpm2-00.permall";
+    if (flags & SETUP_TPM2_F)
         my_argv = concat_arrays(my_argv, (gchar*[]) { "--tpm2", NULL }, TRUE);
-    } else
-        statefile = "tpm-00.permall";
 
     argv = concat_arrays(swtpm_prg_l, my_argv, FALSE);
     success = g_spawn_sync(NULL, argv, NULL, G_SPAWN_STDERR_TO_DEV_NULL, NULL, NULL,
@@ -732,15 +730,15 @@ static int check_state_overwrite(gchar **swtpm_prg_l, unsigned int flags,
         return 1;
     }
 
-    if (g_strstr_len(standard_output, -1, statefile) != NULL) {
+    if (g_strstr_len(standard_output, -1, TPM_PERMANENT_ALL_NAME) != NULL) {
         /* State file exists */
         if (flags & SETUP_STATE_NOT_OVERWRITE_F) {
             logit(gl_LOGFILE, "Not overwriting existing state file.\n");
             return 2;
         }
         if (flags & SETUP_STATE_OVERWRITE_F)
             return 0;
-        logerr(gl_LOGFILE, "Found existing TPM state file %s.\n", statefile);
+        logerr(gl_LOGFILE, "Found existing TPM state '%s'.\n", TPM_PERMANENT_ALL_NAME);
         return 1;
     }
 

tests/_test_print_states

@@ -56,7 +56,7 @@ if [ $? -ne 0 ]; then
 	exit 1
 fi
 
-exp='\{ "type": "swtpm", "states": \[ \{ "name": "tpm-00.permall" \} \] \}'
+exp='\{ "type": "swtpm", "states": \[ "permall" \] \}'
 if ! [[ ${msg} =~ ${exp} ]]; then
 	echo "Unexpected response from ${SWTPM_IFACE} TPM to --print-states:"
 	echo "Actual   : ${msg}"

tests/_test_tpm2_print_states

@@ -56,7 +56,7 @@ if [ $? -ne 0 ]; then
 	exit 1
 fi
 
-exp='\{ "type": "swtpm", "states": \[ \{ "name": "tpm2-00.permall" \} \] \}'
+exp='\{ "type": "swtpm", "states": \[ "permall" \] \}'
 if ! [[ ${msg} =~ ${exp} ]]; then
 	echo "Unexpected response from ${SWTPM_IFACE} TPM to --print-states:"
 	echo "Actual   : ${msg}"