Bug 834830 - app-crypt/libsecret[tpm] fails tests "libegg/test-tpm2" and "secret-tool/test-secret-tool-tpm2"
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords: PullRequest
Depends on:
Blocks:
 
Reported: 2022-03-09 12:46 UTC by Paolo Pedroni
Modified: 2022-03-27 04:27 UTC (History)

See Also:
Package list:
Runtime testing required: ---


Attachments
libsecret-0.20.5:20220309-123018.log.gz (libsecret-0.20.5:20220309-123018.log.gz,10.35 KB, application/gzip)
2022-03-09 12:46 UTC, Paolo Pedroni
tstlog.txr (testlog.txt,64.68 KB, text/plain)
2022-03-09 12:46 UTC, Paolo Pedroni
testlog.txt (testlog.txt,64.68 KB, text/plain)
2022-03-09 12:47 UTC, Paolo Pedroni

Description Paolo Pedroni 2022-03-09 12:46:12 UTC
Created attachment 766633 [details]
libsecret-0.20.5:20220309-123018.log.gz

>>> Test phase: app-crypt/libsecret-0.20.5
 * abi_x86_64.amd64: running multilib-minimal_abi_src_test
 * Scanning for an open DISPLAY to start Xvfb ...
 * Starting Xvfb on $DISPLAY=4 ...
meson test -C /var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64 --num-processes 15
ninja: Entering directory `/var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64'
ninja: no work to do.
 1/26 libsecret:libegg / test-hex                      OK              0.11s
 2/26 libsecret:libegg / test-dh                       OK              0.11s
 3/26 libsecret:libegg / test-hkdf                     OK              0.11s
 4/26 libsecret:libsecret / test-attributes            OK              0.10s
 5/26 libsecret:libsecret / test-value                 OK              0.12s
 6/26 libsecret:libegg / test-tpm2                     FAIL            0.27s   killed by signal 6 SIGABRT
>>> MALLOC_PERTURB_=141 /var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64/egg/test-tpm2

 7/26 libsecret:libegg / test-secmem                   OK              0.38s
 8/26 libsecret:javascript / test-js-lookup            OK              0.51s
 9/26 libsecret:libsecret / test-file-collection       OK              0.72s
10/26 libsecret:javascript / test-js-clear             OK              0.71s
11/26 libsecret:javascript / test-js-store             OK              0.66s
12/26 libsecret:vala / test-vala-unstable              OK              0.35s
13/26 libsecret:vala / test-vala-lang                  OK              0.54s
14/26 libsecret:python / test-py-store                 OK              1.15s
15/26 libsecret:secret-tool / test-secret-tool-tpm2.sh FAIL            0.35s   (exit status 139 or signal 11 SIGSEGV)
>>> MALLOC_PERTURB_=109 abs_top_builddir=/var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64 /var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5/tool/test-secret-tool-tpm2.sh

16/26 libsecret:secret-tool / test-secret-tool.sh      OK              0.69s
17/26 libsecret:python / test-py-clear                 OK              1.59s
18/26 libsecret:python / test-py-lookup                OK              1.65s
19/26 libsecret:libsecret / test-session               OK              1.85s
20/26 libsecret:libsecret / test-prompt                OK              2.78s
21/26 libsecret:libsecret / test-password              OK              3.14s
22/26 libsecret:libsecret / test-paths                 OK              3.95s
23/26 libsecret:libsecret / test-item                  OK              4.12s
24/26 libsecret:libsecret / test-methods               OK              4.66s
25/26 libsecret:libsecret / test-collection            OK              4.70s
26/26 libsecret:libsecret / test-service               OK             14.49s


Ok:                 24 
Expected Fail:      0   
Fail:               2   
Unexpected Pass:    0   
Skipped:            0   
Timeout:            0

Relevant part of testlog.txt says:
 6/26 libsecret:libegg / test-tpm2                     FAIL            0.27s   killed by signal 6 SIGABRT
12:30:34 MALLOC_PERTURB_=141 /var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64/egg/test-tpm2
----------------------------------- output -----------------------------------
stdout:
# random seed: R02S0ce158b31ff6c80f9e8a9206cabe5294
1..2
# Start of tpm tests
Bail out! ERROR:../libsecret-0.20.5/egg/test-tpm2.c:34:test_egg_tpm2_generate_master_password: 'context' should not be NULL
stderr:
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: Permission denied 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: Permission denied 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
WARNING:tcti:src/util/io.c:252:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused 
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:591:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded 
ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI 
**
ERROR:../libsecret-0.20.5/egg/test-tpm2.c:34:test_egg_tpm2_generate_master_password: 'context' should not be NULL
------------------------------------------------------------------------------
[...]
15/26 libsecret:secret-tool / test-secret-tool-tpm2.sh FAIL            0.35s   (exit status 139 or signal 11 SIGSEGV)
12:30:35 MALLOC_PERTURB_=109 abs_top_builddir=/var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5-abi_x86_64.amd64 /var/tmp/portage/app-crypt/libsecret-0.20.5/work/libsecret-0.20.5/tool/test-secret-tool-tpm2.sh
----------------------------------- output -----------------------------------
stdout:
1..6
stderr:
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: Permission denied 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: Permission denied 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
WARNING:tcti:src/util/io.c:252:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused 
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:591:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded 
ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI 
Segmentation fault (core dumped)
------------------------------------------------------------------------------

# ll /dev/tpm*
crw-rw---- 1 tss root  10,   224  9 mar 09.55 /dev/tpm0
crw-rw---- 1 tss tss  241, 65536  9 mar 09.55 /dev/tpmrm0

# emerge --info =app-crypt/libsecret-0.20.5
Portage 3.0.30 (python 3.9.9-final-0, default/linux/amd64/17.1/desktop/plasma/systemd, gcc-11.2.1, glibc-2.33-r13, 5.15.26-gentoo x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-5.15.26-gentoo-x86_64-Intel-R-_Core-TM-_i5-1035G1_CPU_@_1.00GHz-with-glibc2.33
KiB Mem:    15892208 total,   2262144 free
KiB Swap:   16777212 total,  16775932 free
Timestamp of repository gentoo: Wed, 09 Mar 2022 08:15:01 +0000
Head commit of repository gentoo: 55a47e9bcd7dad6f6314feb731fb156573f17d5d
sh dash 0.5.11.5
ld GNU ld (Gentoo 2.37_p1 p2) 2.37
distcc 3.4 x86_64-pc-linux-gnu [enabled]
ccache version 4.5.1 [disabled]
app-misc/pax-utils:        1.3.3::gentoo
app-shells/bash:           5.1_p16::gentoo
dev-java/java-config:      2.3.1::gentoo
dev-lang/perl:             5.34.0-r6::gentoo
dev-lang/python:           2.7.18_p13::gentoo, 3.9.9-r1::gentoo, 3.10.2_p1::gentoo
dev-lang/rust:             1.58.1::gentoo
dev-util/ccache:           4.5.1::gentoo
dev-util/cmake:            3.22.2::gentoo
dev-util/meson:            0.60.3::gentoo
sys-apps/baselayout:       2.7-r3::gentoo
sys-apps/sandbox:          2.25::gentoo
sys-apps/systemd:          249.9::gentoo
sys-devel/autoconf:        2.13-r1::gentoo, 2.71-r1::gentoo
sys-devel/automake:        1.16.4::gentoo
sys-devel/binutils:        2.37_p1-r2::gentoo
sys-devel/binutils-config: 5.4::gentoo
sys-devel/clang:           13.0.1::gentoo
sys-devel/gcc:             11.2.1_p20220115::gentoo
sys-devel/gcc-config:      2.5-r1::gentoo
sys-devel/libtool:         2.4.6-r6::gentoo
sys-devel/lld:             13.0.1::gentoo
sys-devel/llvm:            13.0.1::gentoo
sys-devel/make:            4.3::gentoo
sys-kernel/linux-headers:  5.15-r3::gentoo (virtual/os-headers)
sys-libs/glibc:            2.33-r13::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.europe.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-jobs: 1
    sync-rsync-extra-opts: 
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-metamanifest: yes

x-portage
    location: /usr/local/portage
    masters: gentoo
    priority: 0

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE"
AR="/usr/bin/gcc-ar"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -frecord-gcc-switches -march=icelake-client -mabm -ftree-vectorize -flto=8"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/easy-rsa /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -frecord-gcc-switches -march=icelake-client -mabm -ftree-vectorize -flto=8"
DISTDIR="/var/cache/distfiles"
EMERGE_DEFAULT_OPTS="--keep-going y --with-bdeps y"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -pipe -frecord-gcc-switches -march=icelake-client -mabm -ftree-vectorize -flto=8"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live cgroup compress-build-logs config-protect-if-modified distcc distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms sign split-elog split-log strict strict-keepdir test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe -frecord-gcc-switches -march=icelake-client -mabm -ftree-vectorize -flto=8"
GENTOO_MIRRORS="http://ftp.belnet.be/pub/rsync.gentoo.org/gentoo/ http://ftp.fau.de/gentoo https://ftp.fau.de/gentoo https://ftp.belnet.be/pub/rsync.gentoo.org/gentoo/"
LANG="it_IT.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu -Wl,--sort-common -ftree-vectorize -flto=8"
LINGUAS="it it_IT"
MAKEOPTS="-j15 -l8"
NM="/usr/bin/gcc-nm"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
RANLIB="/usr/bin/gcc-ranlib"
SHELL="/bin/bash"
USE="X a52 aac aalib acl acpi activities adns alsa amd64 ao audiofile bash-completion bluetooth branding brotli bzip2 cairo caps cdda cddb cdparanoia cdr cli crypt css cups curl dbus declarative dga djvu dri dts dvd dvdr encode exif expat fbcon ffmpeg fftw flac fontconfig foomaticdb fortran ftp gd gdbm geoip gif gimp gmp gnutls gphoto2 gpm graphviz gtk gui guile handbook iconv icu idn imagemagick imlib introspection ipv6 java javascript jbig jemalloc jpeg jpeg2k kde kwallet lame lcms libass libglvnd libnotify libsamplerate libtirpc lm-sensors lua lzma lzo mad magic mmap mng mp3 mp4 mpeg mplayer multilib musicbrainz ncurses nls nptl offensive ogg openal opengl openmp pam pango pcre pdf plasma png policykit postscript ppds pulseaudio qml qt5 rdesktop readline recode samba sctp sdl seccomp sndfile sockets speex spell split-usr sqlite ssl startup-notification svg symlink syslog systemd sysvipc taglib telemetry test theora threads tidy tiff truetype udev udisks unicode upower usb v4l vaapi vala verify-sig vim-syntax vnc vorbis wavpack wayland webp widgets win32codecs wmf wxwidgets x264 xattr xcb xine xinerama xml xpm xscreensaver xv xvid yahoo zip zlib zstd" ABI_X86="64" ADA_TARGET="gnat_2020" ALSA_CARDS="hda-intel virmidi" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 avx512f avx512dq avx512cd avx512bw avx512vl avx512vbmi f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 ssse3" 
CURL_SSL="gnutls" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput" KERNEL="linux" L10N="it en" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-4 php8-0" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_9" PYTHON_TARGETS="python3_9" RUBY_TARGETS="ruby27" USERLAND="GNU" VIDEO_CARDS="intel i965 iris" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LEX, LFLAGS, LIBTOOL, MAKE, MAKEFLAGS, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS

# emerge -1pqv =app-crypt/libsecret-0.20.5
[ebuild     U ] app-crypt/libsecret-0.20.5 [0.20.4-r1] USE="crypt introspection test tpm%* vala -gtk-doc" ABI_X86="(64) -32 (-x32)"
Comment 1 Paolo Pedroni 2022-03-09 12:46:58 UTC
Created attachment 766634 [details]
tstlog.txr
Comment 2 Paolo Pedroni 2022-03-09 12:47:46 UTC
Created attachment 766635 [details]
testlog.txt
Comment 3 Christopher Byrne 2022-03-12 05:33:38 UTC
The libsecret tpm2 tests not only require tpm2-abrmd, but expect that the system has a TPM2 or that the emulator (swtpm) is started beforehand. It does not set up the emulator environment itself. The tests shouldn't be run against a "live" TPM2 because it may not exist, or the storage hierarchy has a password on it.

It's possible to create such an environment in the ebuild, with something like this:

tpm2_run_with_emulator() {
	# Private session bus for tpm2-abrmd (exports DBUS_SESSION_BUS_ADDRESS)
	eval "$(dbus-launch --sh-syntax)"
	# Keep the swtpm configuration and TPM state inside the build directory
	export XDG_CONFIG_HOME="${WORKDIR}/.config/swtpm"
	/usr/share/swtpm/swtpm-create-user-config-files
	mkdir -p "${XDG_CONFIG_HOME}/mytpm1"
	# Provision a fresh software TPM2
	swtpm_setup --tpm2 --tpmstate "${XDG_CONFIG_HOME}/mytpm1" --createek --allow-signing --decryption --create-ek-cert --create-platform-cert --lock-nvram --overwrite --display
	# Start the emulator on UNIX domain sockets under the state directory
	swtpm socket --tpm2 --tpmstate dir="${XDG_CONFIG_HOME}/mytpm1" --flags startup-clear --ctrl type=unixio,path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket.ctrl" --server type=unixio,path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket" --pid file="${XDG_CONFIG_HOME}/mytpm1/swtpm.pid" --daemon
	# Resource manager in front of the emulator, reachable over the session bus
	tpm2-abrmd --logger=stdout --tcti=swtpm:path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket" --session --flush-all &
	export TCTI=tabrmd:bus_type=session

	# Run the wrapped command with its arguments
	"$@"

	# Stop the emulator using the PID file written by swtpm
	kill "$(< "${XDG_CONFIG_HOME}/mytpm1/swtpm.pid")"
}

multilib_src_test() {
	tpm2_run_with_emulator virtx meson_src_test
}

It's ugly though, but this is not the first program I've seen that assumes the emulation environment hasn't already been set up prior.

By the way, the swtpm TCTI only gained the ability to connect via UNIX domain sockets as of tpm-tss-3.2.0. Prior to that, it had to connect to a TCP port. It could be done that way for better compatibility; the problem with that is the default port numbers may clash with an existing instance of swtpm. A different port could be picked, making that less likely, but it might clash with something else.
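
Added example, not part of the bug thread or of the Gentoo ebuild: a shell triage of the tpm2-tss TCTI loader errors quoted in the description, separating device-node permission failures from the missing swtpm listener that comment 3 describes. The names `sample_log` and `triage_tcti` and the output tokens are made up for this example; the log lines are copied from the testlog.txt excerpt above.

```shell
#!/usr/bin/env bash
# Triage tpm2-tss TCTI loader errors from a test log (added example).

# stderr lines taken from the testlog.txt excerpt in the bug description.
sample_log() {
cat <<'EOF'
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: Permission denied
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: Permission denied
WARNING:tcti:src/util/io.c:252:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:591:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded
EOF
}

# Reads a log on stdin and prints one finding per line:
#   device <path> <reason>
#   socket <host>:<port> <reason>
#   verdict <summary>
triage_tcti() {
    awk '
    /Failed to open specified TCTI device file/ {
        s = $0
        sub(/.*TCTI device file /, "", s)        # "/dev/tpmrm0: Permission denied"
        path = s; sub(/:.*/, "", path)
        why = s;  sub(/^[^:]*: */, "", why); sub(/ *$/, "", why)
        print "device " path " " (why == "Permission denied" ? "permission-denied" : "open-failed")
        if (why == "Permission denied") denied++
        next
    }
    /Failed to connect to host/ {
        s = $0
        sub(/.*Failed to connect to host /, "", s)   # "127.0.0.1, port 2321: errno 111: ..."
        host = s; sub(/,.*/, "", host)
        port = s; sub(/^[^,]*, port /, "", port); sub(/:.*/, "", port)
        print "socket " host ":" port " " (s ~ /Connection refused/ ? "refused" : "connect-failed")
        if (s ~ /Connection refused/) refused++
        next
    }
    /No standard TCTI could be loaded/ { none = 1 }
    END {
        if (!none)        print "verdict inconclusive"
        else if (refused) print "verdict emulator-not-listening"   # nothing on the swtpm port
        else if (denied)  print "verdict device-access-denied"     # TPM node exists, user lacks access
        else              print "verdict no-tcti"
    }'
}

sample_log | triage_tcti
```

On the log from this report it lists both device nodes as permission-denied and the default swtpm port as refused, which matches the diagnosis in comment 3: no emulator was started before the tests ran.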
Comment 4 Matt Turner gentoo-dev 2022-03-12 06:59:10 UTC
Thank you. Would you like to submit a pull request on GitHub or attach a git-formatted patch here?
Comment 5 Larry the Git Cow gentoo-dev 2022-03-16 02:08:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d365c45e634a03d664b17037fdc7843beadf8193

commit d365c45e634a03d664b17037fdc7843beadf8193
Author:     Christopher Byrne <salah.coronya@gmail.com>
AuthorDate: 2022-03-14 03:19:35 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2022-03-16 02:07:26 +0000

    app-crypt/libsecret: Create an emulated TPM2 for tests
    
    Libsecret runs tests against the TPM2 already in the machine and requires
    tpm2-abrmd. Hence the tests will fail if the user does not have tpm2-abrmd
    installed or does not have a TPM2 in the machine. It shouldn't do this
    - it should provision a virtual TPM2, spawn an emulator (swtpm) and then use
    the swtpm TCTI with tpm2-abrmd.
    
    However it's not too difficult to set up the TPM2 simulator for the test,
    which is what this patch does.
    
    Bug: https://bugs.gentoo.org/834830
    Closes: https://github.com/gentoo/gentoo/pull/24509
    Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 app-crypt/libsecret/libsecret-0.20.5-r1.ebuild | 155 +++++++++++++++++++++++++
 1 file changed, 155 insertions(+)