diff options
| -rw-r--r-- | WHATS_NEW_DM | 1 | ||||
| -rw-r--r-- | test/shell/dmsetup-keyring.sh | 72 | ||||
| -rw-r--r-- | tools/dmsetup.c | 6 |
3 files changed, 77 insertions, 2 deletions
diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM index 4903de37e..ac2d42020 100644 --- a/WHATS_NEW_DM +++ b/WHATS_NEW_DM @@ -1,5 +1,6 @@ Version 1.02.138 - ===================================== + Do not suppress kernel key description in dmsetup table output. Support configurable command executed from dmeventd thin plugin. Support new R|r human readable units output format. Thin dmeventd plugin reacts faster on lvextend failure path with umount. diff --git a/test/shell/dmsetup-keyring.sh b/test/shell/dmsetup-keyring.sh new file mode 100644 index 000000000..b85b5761f --- /dev/null +++ b/test/shell/dmsetup-keyring.sh @@ -0,0 +1,72 @@ +#!/bin/sh +# Copyright (C) 2017 Red Hat, Inc. All rights reserved. +# +# This copyrighted material is made available to anyone wishing to use, +# modify, copy, or redistribute it subject to the terms and conditions +# of the GNU General Public License v.2. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +# unrelated to lvm2 daemons +SKIP_WITH_LVMLOCKD=1 +SKIP_WITH_LVMPOLLD=1 +SKIP_WITH_CLVMD=1 +SKIP_WITH_LVMETAD=1 + +. lib/inittest + +CIPHER=aes-xts-plain64 +HEXKEY_32=0102030405060708090a0102030405060102030405060708090a010203040506 +HIDENKEY_32=0000000000000000000000000000000000000000000000000000000000000000 +KEY_NAME="$PREFIX:keydesc" + +function _teardown() { + keyctl unlink %:$PREFIX-keyring + aux teardown_devs_prefixed $PREFIX +} + +aux target_at_least zero 1 0 0 || skip "missing dm-zero target" +aux target_at_least crypt 1 15 0 || skip "dm-crypt doesn't support keys in kernel keyring service" +which keyctl || skip "test requires keyctl utility" + +keyctl newring $PREFIX-keyring @u +keyctl timeout %:$PREFIX-keyring 60 + +trap '_teardown' EXIT + +keyctl add logon $KEY_NAME ${HEXKEY_32:0:32} %:$PREFIX-keyring + +dmsetup create $PREFIX-zero --table "0 1 zero" +# put key in kernel keyring for active table +dmsetup create $PREFIX-crypt --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0" +# put hexbyte key in dm-crypt directly in inactive table +dmsetup load $PREFIX-crypt --table "0 1 crypt $CIPHER $HEXKEY_32 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0" + +# test dmsetup doesn't hide key descriptions... +str=`dmsetup table $PREFIX-crypt | cut -d ' ' -f 5` +test $str = :32:logon:$KEY_NAME || die +str=`dmsetup table --showkeys $PREFIX-crypt | cut -d ' ' -f 5` +test $str = :32:logon:$KEY_NAME || die + +# ...but it hides hexbyte representation of keys... +str=`dmsetup table --inactive $PREFIX-crypt | cut -d ' ' -f 5` +test $str = $HIDENKEY_32 || die +#...unless --showkeys explictly requested +str=`dmsetup table --showkeys --inactive $PREFIX-crypt | cut -d ' ' -f 5` +test $str = $HEXKEY_32 || die + +# let's swap the tables +dmsetup resume $PREFIX-crypt +dmsetup load $PREFIX-crypt --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0" + +str=`dmsetup table --inactive $PREFIX-crypt | cut -d ' ' -f 5` +test $str = :32:logon:$KEY_NAME || die +str=`dmsetup table --showkeys --inactive $PREFIX-crypt | cut -d ' ' -f 5` +test $str = :32:logon:$KEY_NAME || die + +str=`dmsetup table $PREFIX-crypt | cut -d ' ' -f 5` +test $str = $HIDENKEY_32 || die +str=`dmsetup table --showkeys $PREFIX-crypt | cut -d ' ' -f 5` +test $str = $HEXKEY_32 || die diff --git a/tools/dmsetup.c b/tools/dmsetup.c index c9549c6b5..120cae05f 100644 --- a/tools/dmsetup.c +++ b/tools/dmsetup.c @@ -2197,8 +2197,10 @@ static int _status(CMD_ARGS) c++; if (*c) c++; - while (*c && *c != ' ') - *c++ = '0'; + /* don't suppress kernel key descriptions */ + if (*c != ':') + while (*c && *c != ' ') + *c++ = '0'; } printf(FMTu64 " " FMTu64 " %s %s", start, length, target_type, params); |