blob: 127d2f7b302a0ca5fc8be6cc966e62221c957823 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
#!/bin/sh
# Copyright (C) 2017 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions
# of the GNU General Public License v.2.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
# unrelated to lvm2 daemons
SKIP_WITH_LVMLOCKD=1
SKIP_WITH_LVMPOLLD=1
SKIP_WITH_CLVMD=1
SKIP_WITH_LVMETAD=1
. lib/inittest
CIPHER=aes-xts-plain64
HEXKEY_32=0102030405060708090a0102030405060102030405060708090a010203040506
HIDENKEY_32=0000000000000000000000000000000000000000000000000000000000000000
KEY_NAME="$PREFIX:keydesc"
function _teardown() {
keyctl unlink %:$PREFIX-keyring
aux teardown_devs_prefixed $PREFIX
}
aux target_at_least dm-zero 1 0 0 || skip "missing dm-zero target"
aux target_at_least dm-crypt 1 15 0 || skip "dm-crypt doesn't support keys in kernel keyring service"
which keyctl || skip "test requires keyctl utility"
keyctl newring $PREFIX-keyring @u
keyctl timeout %:$PREFIX-keyring 60
trap '_teardown' EXIT
keyctl add logon $KEY_NAME ${HEXKEY_32:0:32} %:$PREFIX-keyring
dmsetup create $PREFIX-zero --table "0 1 zero"
# put key in kernel keyring for active table
dmsetup create $PREFIX-crypt --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0"
# put hexbyte key in dm-crypt directly in inactive table
dmsetup load $PREFIX-crypt --table "0 1 crypt $CIPHER $HEXKEY_32 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0"
# test dmsetup doesn't hide key descriptions...
str=`dmsetup table $PREFIX-crypt | cut -d ' ' -f 5`
test $str = :32:logon:$KEY_NAME
str=`dmsetup table --showkeys $PREFIX-crypt | cut -d ' ' -f 5`
test $str = :32:logon:$KEY_NAME
# ...but it hides hexbyte representation of keys...
str=`dmsetup table --inactive $PREFIX-crypt | cut -d ' ' -f 5`
test $str = $HIDENKEY_32
#...unless --showkeys explictly requested
str=`dmsetup table --showkeys --inactive $PREFIX-crypt | cut -d ' ' -f 5`
test $str = $HEXKEY_32
# let's swap the tables
dmsetup resume $PREFIX-crypt
dmsetup load $PREFIX-crypt --table "0 1 crypt $CIPHER :32:logon:$KEY_NAME 0 $TESTDIR/dev$prefix/mapper/$PREFIX-zero 0"
str=`dmsetup table --inactive $PREFIX-crypt | cut -d ' ' -f 5`
test $str = :32:logon:$KEY_NAME
str=`dmsetup table --showkeys --inactive $PREFIX-crypt | cut -d ' ' -f 5`
test $str = :32:logon:$KEY_NAME
str=`dmsetup table $PREFIX-crypt | cut -d ' ' -f 5`
test $str = $HIDENKEY_32
str=`dmsetup table --showkeys $PREFIX-crypt | cut -d ' ' -f 5`
test $str = $HEXKEY_32
dmsetup remove $PREFIX-crypt
dmsetup remove $PREFIX-zero
|
