| Vladimir Sementsov-Ogievskiy | 92a476e | 2021-01-16 16:44:18 +0300 | [diff] [blame] | 1 | #!/usr/bin/env bash |
| Vladimir Sementsov-Ogievskiy | 9dd003a | 2021-01-16 16:44:19 +0300 | [diff] [blame] | 2 | # group: rw quick |
| Maxim Levitsky | 11d80bf | 2020-06-25 14:55:44 +0200 | [diff] [blame] | 3 | # |
| 4 | # Copyright (C) 2019 Red Hat, Inc. |
| 5 | # |
| 6 | # This program is free software; you can redistribute it and/or modify |
| 7 | # it under the terms of the GNU General Public License as published by |
| 8 | # the Free Software Foundation; either version 2 of the License, or |
| 9 | # (at your option) any later version. |
| 10 | # |
| 11 | # This program is distributed in the hope that it will be useful, |
| 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 14 | # GNU General Public License for more details. |
| 15 | # |
| 16 | # You should have received a copy of the GNU General Public License |
| 17 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 18 | # |
| 19 | |
| 20 | # creator |
| 21 | owner=mlevitsk@redhat.com |
| 22 | |
| 23 | seq=`basename $0` |
| 24 | echo "QA output created by $seq" |
| 25 | |
| 26 | status=1 # failure is the default! |
| 27 | |
| 28 | _cleanup() |
| 29 | { |
| 30 | _cleanup_test_img |
| 31 | } |
| 32 | trap "_cleanup; exit \$status" 0 1 2 3 15 |
| 33 | |
| 34 | # get standard environment, filters and checks |
| 35 | . ./common.rc |
| 36 | . ./common.filter |
| 37 | |
| 38 | _supported_fmt luks |
| Max Reitz | 57284d2 | 2020-10-27 20:05:59 +0100 | [diff] [blame] | 39 | _supported_proto file fuse #TODO |
| Maxim Levitsky | 11d80bf | 2020-06-25 14:55:44 +0200 | [diff] [blame] | 40 | |
| 41 | QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT |
| 42 | |
| 43 | # you are supposed to see the password as *******, see :-) |
| 44 | S0="--object secret,id=sec0,data=hunter0" |
| 45 | S1="--object secret,id=sec1,data=hunter1" |
| 46 | SECRETS="$S0 $S1" |
| 47 | |
| 48 | |
| 49 | IMGS0="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec0" |
| 50 | IMGS1="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec1" |
| 51 | |
| 52 | echo "== creating a test image ==" |
| 53 | _make_test_img $S0 -o "key-secret=sec0,iter-time=10" 32M |
| 54 | |
| 55 | echo |
| 56 | echo "== test that key 0 opens the image ==" |
| 57 | $QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir |
| 58 | |
| 59 | echo |
| 60 | echo "== adding a password to slot 1 ==" |
| 61 | $QEMU_IMG amend $SECRETS $IMGS0 -o state=active,new-secret=sec1,keyslot=1,iter-time=10 |
| 62 | |
| 63 | echo |
| 64 | echo "== 'backup' the image header ==" |
| 65 | dd if=$TEST_IMG_FILE of=${TEST_IMG_FILE}.bk bs=4K skip=0 count=1 |
| 66 | |
| 67 | echo |
| 68 | echo "== erase slot 0 ==" |
| 69 | $QEMU_IMG amend $SECRETS $IMGS1 -o state=inactive,keyslot=0 | _filter_img_create |
| 70 | |
| 71 | echo |
| 72 | echo "== test that key 0 doesn't open the image ==" |
| 73 | $QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir |
| 74 | |
| 75 | echo |
| 76 | echo "== 'restore' the image header ==" |
| 77 | dd if=${TEST_IMG_FILE}.bk of=${TEST_IMG_FILE} bs=4K skip=0 count=1 conv=notrunc |
| 78 | |
| 79 | echo |
| 80 | echo "== test that key 0 still doesn't open the image (key material is erased) ==" |
| 81 | $QEMU_IO $SECRETS -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir |
| 82 | |
| 83 | echo |
| 84 | echo "== test that key 1 still works ==" |
| 85 | $QEMU_IO $SECRETS -c "read 0 4096" $IMGS1 | _filter_qemu_io | _filter_testdir |
| 86 | |
| 87 | echo "*** done" |
| 88 | rm -f $seq.full |
| 89 | status=0 |
| 90 | |
| 91 | |
| 92 | exit 0 |
