xref: /openbmc/qemu/tests/qemu-iotests/294 (revision b4b9a0e32f93c0700f46617524317b0580126592)
1#!/usr/bin/env bash
2# group: rw quick
3#
4# Copyright (C) 2019 Red Hat, Inc.
5#
6# This program is free software; you can redistribute it and/or modify
7# it under the terms of the GNU General Public License as published by
8# the Free Software Foundation; either version 2 of the License, or
9# (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14# GNU General Public License for more details.
15#
16# You should have received a copy of the GNU General Public License
17# along with this program.  If not, see <http://www.gnu.org/licenses/>.
18#
19
20# creator
21owner=mlevitsk@redhat.com
22
23seq=`basename $0`
24echo "QA output created by $seq"
25
26status=1	# failure is the default!
27
28_cleanup()
29{
30	_cleanup_test_img
31}
32trap "_cleanup; exit \$status" 0 1 2 3 15
33
34# get standard environment, filters and checks
35. ./common.rc
36. ./common.filter
37
38_supported_fmt luks
39_supported_proto file fuse #TODO
40
41QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
42
43# you are supposed to see the password as *******, see :-)
44S0="--object secret,id=sec0,data=hunter0"
45S1="--object secret,id=sec1,data=hunter1"
46SECRETS="$S0 $S1"
47
48
49IMGS0="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec0"
50IMGS1="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec1"
51
52echo "== creating a test image =="
53_make_test_img $S0 -o "key-secret=sec0,iter-time=10" 32M
54
55echo
56echo "== test that key 0 opens the image =="
57$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
58
59echo
60echo "== adding a password to slot 1 =="
61$QEMU_IMG amend $SECRETS $IMGS0 -o state=active,new-secret=sec1,keyslot=1,iter-time=10
62
63echo
64echo "== 'backup' the image header =="
65dd if=$TEST_IMG_FILE of=${TEST_IMG_FILE}.bk bs=4K skip=0 count=1
66
67echo
68echo "== erase slot 0 =="
69$QEMU_IMG amend $SECRETS $IMGS1 -o state=inactive,keyslot=0 | _filter_img_create
70
71echo
72echo "== test that key 0 doesn't open the image =="
73$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
74
75echo
76echo "== 'restore' the image header =="
77dd if=${TEST_IMG_FILE}.bk of=${TEST_IMG_FILE} bs=4K skip=0 count=1 conv=notrunc
78
79echo
80echo "== test that key 0 still doesn't open the image (key material is erased) =="
81$QEMU_IO $SECRETS -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
82
83echo
84echo "== test that key 1 still works =="
85$QEMU_IO $SECRETS -c "read 0 4096" $IMGS1 | _filter_qemu_io | _filter_testdir
86
87echo "*** done"
88rm -f $seq.full
89status=0
90
91
92exit 0
93