1
0
mirror of git://sourceware.org/git/lvm2.git synced 2025-01-18 10:04:20 +03:00
lvm2/test/shell/dmsetup-keyring.sh

77 lines
2.8 KiB
Bash
Raw Normal View History

2017-07-02 21:38:32 +02:00
#!/usr/bin/env bash
# Copyright (C) 2017 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions
# of the GNU General Public License v.2.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
# unrelated to lvm2 daemons
SKIP_WITH_LVMLOCKD=1
SKIP_WITH_LVMPOLLD=1
. lib/inittest
CIPHER=aes-xts-plain64
HEXKEY_32=0102030405060708090a0102030405060102030405060708090a010203040506
HIDENKEY_32=0000000000000000000000000000000000000000000000000000000000000000
KEY_NAME="$PREFIX:keydesc"
function _teardown() {
2017-07-10 10:40:09 +02:00
keyctl unlink "%:$PREFIX-keyring"
aux teardown_devs_prefixed "$PREFIX"
}
aux target_at_least dm-zero 1 0 0 || skip "missing dm-zero target"
aux target_at_least dm-crypt 1 15 0 || skip "dm-crypt doesn't support keys in kernel keyring service"
which keyctl || skip "test requires keyctl utility"
keyctl new_session || true # fails with 'su', works with 'su -'
2017-07-10 10:40:09 +02:00
keyctl newring "$PREFIX-keyring" @s
keyctl timeout "%:$PREFIX-keyring" 60
trap '_teardown' EXIT
2017-07-10 10:40:09 +02:00
keyctl add logon "$KEY_NAME" "${HEXKEY_32:0:32}" "%:$PREFIX-keyring"
2017-07-10 10:40:09 +02:00
dmsetup create "$PREFIX-zero" --table "0 1 zero"
# put key in kernel keyring for active table
2017-07-10 10:40:09 +02:00
dmsetup create "$PREFIX-crypt" --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $DM_DEV_DIR/mapper/$PREFIX-zero 0"
# put hexbyte key in dm-crypt directly in inactive table
2017-07-10 10:40:09 +02:00
dmsetup load "$PREFIX-crypt" --table "0 1 crypt $CIPHER $HEXKEY_32 0 $DM_DEV_DIR/mapper/$PREFIX-zero 0"
# test dmsetup doesn't hide key descriptions...
2017-07-10 10:40:09 +02:00
str=$(dmsetup table "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = ":32:logon:$KEY_NAME"
str=$(dmsetup table --showkeys "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = ":32:logon:$KEY_NAME"
# ...but it hides hexbyte representation of keys...
2017-07-10 10:40:09 +02:00
str=$(dmsetup table --inactive "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = "$HIDENKEY_32"
2024-08-30 12:10:35 +02:00
#...unless --showkeys explicitly requested
2017-07-10 10:40:09 +02:00
str=$(dmsetup table --showkeys --inactive "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = "$HEXKEY_32"
# let's swap the tables
2017-07-10 10:40:09 +02:00
dmsetup resume "$PREFIX-crypt"
dmsetup load "$PREFIX-crypt" --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $DM_DEV_DIR/mapper/$PREFIX-zero 0"
2017-07-10 10:40:09 +02:00
str=$(dmsetup table --inactive "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = ":32:logon:$KEY_NAME"
str=$(dmsetup table --showkeys --inactive "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = ":32:logon:$KEY_NAME"
2017-07-10 10:40:09 +02:00
str=$(dmsetup table "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = "$HIDENKEY_32"
str=$(dmsetup table --showkeys "$PREFIX-crypt" | cut -d ' ' -f 5)
test "$str" = "$HEXKEY_32"
aux udev_wait
2017-07-10 10:40:09 +02:00
dmsetup remove "$PREFIX-crypt"
dmsetup remove "$PREFIX-zero"