2017-07-02 22:38:32 +03:00
#!/usr/bin/env bash
2017-02-10 15:19:22 +03:00
# Copyright (C) 2017 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions
# of the GNU General Public License v.2.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
# unrelated to lvm2 daemons
SKIP_WITH_LVMLOCKD = 1
SKIP_WITH_LVMPOLLD = 1
. lib/inittest
CIPHER = aes-xts-plain64
HEXKEY_32 = 0102030405060708090a0102030405060102030405060708090a010203040506
HIDENKEY_32 = 0000000000000000000000000000000000000000000000000000000000000000
KEY_NAME = " $PREFIX :keydesc "
function _teardown( ) {
2017-07-10 11:40:09 +03:00
keyctl unlink " %: $PREFIX -keyring "
aux teardown_devs_prefixed " $PREFIX "
2017-02-10 15:19:22 +03:00
}
aux target_at_least dm-zero 1 0 0 || skip "missing dm-zero target"
aux target_at_least dm-crypt 1 15 0 || skip "dm-crypt doesn't support keys in kernel keyring service"
which keyctl || skip "test requires keyctl utility"
2017-06-23 16:11:26 +03:00
keyctl new_session || true # fails with 'su', works with 'su -'
2017-07-10 11:40:09 +03:00
keyctl newring " $PREFIX -keyring " @s
keyctl timeout " %: $PREFIX -keyring " 60
2017-02-10 15:19:22 +03:00
trap '_teardown' EXIT
2017-07-10 11:40:09 +03:00
keyctl add logon " $KEY_NAME " " ${ HEXKEY_32 : 0 : 32 } " " %: $PREFIX -keyring "
2017-02-10 15:19:22 +03:00
2017-07-10 11:40:09 +03:00
dmsetup create " $PREFIX -zero " --table "0 1 zero"
2017-02-10 15:19:22 +03:00
# put key in kernel keyring for active table
2017-07-10 11:40:09 +03:00
dmsetup create " $PREFIX -crypt " --table " 0 1 crypt $CIPHER :32:logon: $KEY_NAME 0 $DM_DEV_DIR /mapper/ $PREFIX -zero 0 "
2017-02-10 15:19:22 +03:00
# put hexbyte key in dm-crypt directly in inactive table
2017-07-10 11:40:09 +03:00
dmsetup load " $PREFIX -crypt " --table " 0 1 crypt $CIPHER $HEXKEY_32 0 $DM_DEV_DIR /mapper/ $PREFIX -zero 0 "
2017-02-10 15:19:22 +03:00
# test dmsetup doesn't hide key descriptions...
2017-07-10 11:40:09 +03:00
str = $( dmsetup table " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " :32:logon: $KEY_NAME "
str = $( dmsetup table --showkeys " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " :32:logon: $KEY_NAME "
2017-02-10 15:19:22 +03:00
# ...but it hides hexbyte representation of keys...
2017-07-10 11:40:09 +03:00
str = $( dmsetup table --inactive " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " $HIDENKEY_32 "
2017-02-10 15:19:22 +03:00
#...unless --showkeys explictly requested
2017-07-10 11:40:09 +03:00
str = $( dmsetup table --showkeys --inactive " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " $HEXKEY_32 "
2017-02-10 15:19:22 +03:00
# let's swap the tables
2017-07-10 11:40:09 +03:00
dmsetup resume " $PREFIX -crypt "
dmsetup load " $PREFIX -crypt " --table " 0 1 crypt $CIPHER :32:logon: $KEY_NAME 0 $DM_DEV_DIR /mapper/ $PREFIX -zero 0 "
2017-02-10 15:19:22 +03:00
2017-07-10 11:40:09 +03:00
str = $( dmsetup table --inactive " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " :32:logon: $KEY_NAME "
str = $( dmsetup table --showkeys --inactive " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " :32:logon: $KEY_NAME "
2017-02-10 15:19:22 +03:00
2017-07-10 11:40:09 +03:00
str = $( dmsetup table " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " $HIDENKEY_32 "
str = $( dmsetup table --showkeys " $PREFIX -crypt " | cut -d ' ' -f 5)
test " $str " = " $HEXKEY_32 "
2017-03-23 18:00:02 +03:00
2017-07-10 11:40:09 +03:00
dmsetup remove " $PREFIX -crypt "
dmsetup remove " $PREFIX -zero "