Tree - rpms/cryptsetup - CentOS Git server

rpms / cryptsetup

Files

Commit: 5d0898990b5c9672a396bf5a8926cbe8e1d65e2a
Blob Blame History Raw
From 619b533bfbb8e6782687eda9e2ba16fc2f73bd15 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Tue, 7 Aug 2018 10:17:31 +0200
Subject: [PATCH 5/7] Make reencryption-compat-test2 ready for different LUKS2
 hdr size.

---
 tests/reencryption-compat-test2 | 40 +++++++++++++++++++++++++++++-----------
 1 file changed, 29 insertions(+), 11 deletions(-)

diff --git a/tests/reencryption-compat-test2 b/tests/reencryption-compat-test2
index 411df1f..9656c7b 100755
--- a/tests/reencryption-compat-test2
+++ b/tests/reencryption-compat-test2
@@ -19,6 +19,10 @@ PWD3="1-9Qu5Ejfnqv"
 MNT_DIR=./mnt_luks
 START_DIR=$(pwd)
 
+# FIXME: we need some sane API to get this information. This is hack.
+LUKS2_HDR_DEFAULT_LEN=$(grep -e "#define LUKS2_HDR_DEFAULT_LEN" ../lib/luks2/luks2.h | cut -d ' ' -f 3)
+LUKS2_HDR_DEFAULT_LEN_SECTORS=$((LUKS2_HDR_DEFAULT_LEN/512))
+
 function dm_crypt_features()
 {
 	local VER_STR=$(dmsetup targets | grep crypt | cut -f2 -dv)
@@ -48,6 +52,7 @@ function remove_mapping()
 	umount $MNT_DIR > /dev/null 2>&1
 	rmdir $MNT_DIR > /dev/null 2>&1
 	del_scsi_device
+	test -z "$TMP_LOOP" || losetup -d "$TMP_LOOP"
 }
 
 function fail()
@@ -113,9 +118,21 @@ function prepare() # $1 dev1_siz
 	fi
 }
 
-function check_hash_dev() # $1 dev, $2 hash
+function check_hash_dev() # $1 dev, $2 hash, [$3 optional max size in KiBs]
 {
-	HASH=$(sha256sum $1 | cut -d' ' -f 1)
+	local _dev=$1
+	if [ $# -gt 2 ]; then
+		_dev=$(losetup -f)
+		losetup -f --sizelimit $3K $1 || fail
+		TMP_LOOP=$_dev
+		test -b $TMP_LOOP || fail
+	fi
+
+	HASH=$(sha256sum $_dev | cut -d' ' -f 1)
+	test -b "$TMP_LOOP" && {
+		losetup -d "$TMP_LOOP"
+		unset TMP_LOOP
+	}
 	[ $HASH != "$2" ] && fail "HASH differs ($HASH)"
 }
 
@@ -218,7 +235,7 @@ HASH5=bb9f8df61474d25e71fa00722318cd387396ca1736605e1248821cc0de3d3af8
 HASH6=4d9cbaf3aa0935a8c113f139691b3daf9c94c8d6c278aedc8eec66a4b9f6c8ae
 
 echo "[1] Reencryption"
-prepare 8192
+prepare $((4096+LUKS2_HDR_DEFAULT_LEN_SECTORS/2))
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 -s 128 -c aes-cbc-plain $FAST_PBKDF_ARGON --align-payload 4096 $IMG || fail
 wipe $PWD1
 check_hash $PWD1 $HASH5
@@ -260,9 +277,9 @@ $CRYPTSETUP luksDump $IMG | grep -q "luks2" > /dev/null || fail
 
 echo "[4] Encryption of not yet encrypted device"
 # well, movin' zeroes :-)
-OFFSET=8192 # default LUKS2 header size
-prepare 8192
-check_hash_dev $IMG $HASH4
+OFFSET=$LUKS2_HDR_DEFAULT_LEN_SECTORS # default LUKS2 header size
+prepare $((4096+$OFFSET/2)) # in KiBs
+check_hash_dev $IMG $HASH4 8192
 echo $PWD1 | $REENC --type luks2 $IMG -c aes-cbc-essiv:sha256 -s 128 --new --reduce-device-size "$OFFSET"S -q $FAST_PBKDF_ARGON
 check_hash $PWD1 $HASH5
 $CRYPTSETUP luksDump $IMG | grep -q "luks2" > /dev/null || fail
@@ -299,11 +316,11 @@ echo -e "$PWD2\n$PWD1\n$PWD2\n$PWD1\n$PWD2\n$PWD1\n$PWD2\n$PWD3" | $REENC -q $IM
 check_slot 0 1 2 3 4 5 6 22 || fail "All keyslots expected to be enabled"
 
 echo "[7] Reencryption of block devices with different block size"
-add_scsi_device sector_size=512 dev_size_mb=8
+add_scsi_device sector_size=512 dev_size_mb=16
 simple_scsi_reenc "[512 sector]"
-add_scsi_device sector_size=4096 dev_size_mb=8
+add_scsi_device sector_size=4096 dev_size_mb=16
 simple_scsi_reenc "[4096 sector]"
-add_scsi_device sector_size=512 physblk_exp=3 dev_size_mb=8
+add_scsi_device sector_size=512 physblk_exp=3 dev_size_mb=16
 simple_scsi_reenc "[4096/512 sector]"
 echo "[OK]"
 
@@ -350,7 +367,7 @@ echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 $FAST_PBKDF_ARGON $IMG || fa
 wipe $PWD1
 check_hash $PWD1 $HASH5
 echo $PWD1 | $REENC $IMG -q --decrypt
-check_hash_dev $IMG $HASH4
+check_hash_dev $IMG $HASH4 8192
 
 echo "[11] Reencryption with tokens"
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 $FAST_PBKDF_ARGON $IMG || fail
@@ -403,7 +420,7 @@ $CRYPTSETUP isLuks $IMG_HDR || fail
 $CRYPTSETUP luksDump $IMG_HDR | grep -q "0: luks2" || fail
 
 echo "[14] Reencryption with unbound keyslot"
-prepare 8192
+prepare $((4096+LUKS2_HDR_DEFAULT_LEN_SECTORS/2))
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 $FAST_PBKDF_ARGON $IMG || fail
 echo $PWD2 | $CRYPTSETUP -q luksAddKey -S 3 --unbound --key-size 64 $FAST_PBKDF_ARGON $IMG || fail
 wipe $PWD1
@@ -421,6 +438,7 @@ check_hash $PWD1 $HASH1
 $CRYPTSETUP -q convert --type luks2 $IMG || fail
 echo $PWD1 | $REENC $IMG -q $FAST_PBKDF_PBKDF2 || fail
 check_hash $PWD1 $HASH1
+prepare $((4096+LUKS2_HDR_DEFAULT_LEN_SECTORS/2))
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks2 $FAST_PBKDF_PBKDF2 $IMG || fail
 wipe $PWD1
 check_hash $PWD1 $HASH5
-- 
1.8.3.1
rpms / cryptsetup

Source Code

Files
