1# 2# Copyright (C) 2019 Red Hat, Inc. 3# 4# This program is free software; you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation; either version 2 of the License, or 7# (at your option) any later version. 8# 9# This program is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with this program. If not, see <http://www.gnu.org/licenses/>. 16# 17 18# creator 19owner=mlevitsk@redhat.com 20 21seq=`basename $0` 22echo "QA output created by $seq" 23 24status=1 # failure is the default! 25 26_cleanup() 27{ 28 _cleanup_test_img 29} 30trap "_cleanup; exit \$status" 0 1 2 3 15 31 32# get standard environment, filters and checks 33. ./common.rc 34. ./common.filter 35 36_supported_fmt luks 37_supported_proto file fuse #TODO 38 39QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT 40 41# you are supposed to see the password as *******, see :-) 42S0="--object secret,id=sec0,data=hunter0" 43S1="--object secret,id=sec1,data=hunter1" 44SECRETS="$S0 $S1" 45 46 47IMGS0="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec0" 48IMGS1="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec1" 49 50echo "== creating a test image ==" 51_make_test_img $S0 -o "key-secret=sec0,iter-time=10" 32M 52 53echo 54echo "== test that key 0 opens the image ==" 55$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir 56 57echo 58echo "== adding a password to slot 1 ==" 59$QEMU_IMG amend $SECRETS $IMGS0 -o state=active,new-secret=sec1,keyslot=1,iter-time=10 60 61echo 62echo "== 'backup' the image header ==" 63dd if=$TEST_IMG_FILE of=${TEST_IMG_FILE}.bk bs=4K skip=0 count=1 64 65echo 66echo "== erase slot 0 ==" 67$QEMU_IMG amend $SECRETS $IMGS1 -o state=inactive,keyslot=0 | _filter_img_create 68 69echo 70echo "== test that key 0 doesn't open the image ==" 71$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir 72 73echo 74echo "== 'restore' the image header ==" 75dd if=${TEST_IMG_FILE}.bk of=${TEST_IMG_FILE} bs=4K skip=0 count=1 conv=notrunc 76 77echo 78echo "== test that key 0 still doesn't open the image (key material is erased) ==" 79$QEMU_IO $SECRETS -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir 80 81echo 82echo "== test that key 1 still works ==" 83$QEMU_IO $SECRETS -c "read 0 4096" $IMGS1 | _filter_qemu_io | _filter_testdir 84 85echo "*** done" 86rm -f $seq.full 87status=0 88 89 90exit 0 91