From: Alan Somers
Date: Fri, 2 Feb 2018 21:57:00 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: svn commit: r328811 - in stable/11: . tests/sys/geom/class/eli

Author: asomers
Date: Fri Feb 2 21:57:00 2018
New Revision: 328811
URL: https://svnweb.freebsd.org/changeset/base/328811

Log:
  MFC geli test suite changes

  MFC r306188, r306395, r327346-r327347, r327352-r327353, r327662, r327666,
  r327682-r327683, r327685

  r306188 by br:
  Use bsdlabel as we don't have hardlink disklabel -> bsdlabel
  on some platforms.

  Reviewed by: ngie
  Sponsored by: DARPA, AFRL
  Sponsored by: HEIF5
  Differential Revision: https://reviews.freebsd.org/D7968

  r306395 by br:
  Increase timeouts for geli tests.

  It takes 2-3x more time to proceed the tests on MIPS64EB in QEMU.

  Sponsored by: DARPA, AFRL
  Sponsored by: HEIF5

  r327346:
  Fix potential TOCTTOU bug in the geli tests

  This change mostly reverts r293436, which introduced the bug due to a belief
  that geli(8) would allocate md(4) devices by itself. However, that belief is
  incorrect. Instead of using linear probing to find available md(4) numbers,
  it's best to use the existing attach_md function.

  Reviewed by: ngie
  Sponsored by: Spectra Logic Corp
  Differential Revision: https://reviews.freebsd.org/D13666

  r327347:
  geli: factor out some common code in the geli tests

  No functional change.

  Sponsored by: Spectra Logic Corp

  r327352:
  Fix a harmless typo from r310786

  I copy/pasted a reference to an undefined shell variable.

  r327353:
  geli: fix the resize test on arm64

  The resize test used bsdlabel(8), which is not available on all
  architectures. Change it to use gpart(8) instead, which should be available
  everywhere.

  PR: 221763
  Reported by: andrew

  r327662:
  geli: convert most tests from TAP to ATF

  I'm leaving readonly_test and nokey_test alone for now. In a future commit
  they should be broken up into several smaller test cases and distributed
  between multiple files.

  Reviewed by: ngie
  Differential Revision: https://reviews.freebsd.org/D13717

  r327666:
  geli: fix parallel execution of tests

  The trick is not to destroy an md(4) device during a test. That can create a
  "double-free" situation, because we also destroy md devices during test
  cleanup.

  r327682:
  Fix typo from r327666

  X-MFC-With: 327666

  r327683:
  geli: convert remaining TAP tests to ATF

  r327685:
  geli: optimize tests

  Reduce the geli tests' runtime by about a third:

  * In integrity_test:copy, use a file-backed md(4) device instead of a
    malloc'd one. That way we can corrupt the underlying storage without
    needing to detach and reattach the geli device.
  * In integrity_test:{copy, hmac, data} and onetime_test:{onetime, onetime_a},
    move reads of /dev/random out of the loop.

Added: stable/11/tests/sys/geom/class/eli/attach_test.sh - copied, changed from r327662, head/tests/sys/geom/class/eli/attach_test.sh stable/11/tests/sys/geom/class/eli/configure_test.sh - copied unchanged from r327662, head/tests/sys/geom/class/eli/configure_test.sh stable/11/tests/sys/geom/class/eli/detach_test.sh - copied unchanged from r327662, head/tests/sys/geom/class/eli/detach_test.sh stable/11/tests/sys/geom/class/eli/integrity_test.sh - copied, changed from r327662, head/tests/sys/geom/class/eli/integrity_test.sh Deleted: stable/11/tests/sys/geom/class/eli/attach_d_test.sh stable/11/tests/sys/geom/class/eli/configure_b_B_test.sh stable/11/tests/sys/geom/class/eli/detach_l_test.sh stable/11/tests/sys/geom/class/eli/init_B_test.sh stable/11/tests/sys/geom/class/eli/init_J_test.sh stable/11/tests/sys/geom/class/eli/init_a_test.sh stable/11/tests/sys/geom/class/eli/init_alias_test.sh stable/11/tests/sys/geom/class/eli/init_i_P_test.sh stable/11/tests/sys/geom/class/eli/integrity_copy_test.sh stable/11/tests/sys/geom/class/eli/integrity_data_test.sh stable/11/tests/sys/geom/class/eli/integrity_hmac_test.sh stable/11/tests/sys/geom/class/eli/nokey_test.sh stable/11/tests/sys/geom/class/eli/onetime_a_test.sh stable/11/tests/sys/geom/class/eli/onetime_d_test.sh stable/11/tests/sys/geom/class/eli/readonly_test.sh Modified: stable/11/ObsoleteFiles.inc stable/11/tests/sys/geom/class/eli/Makefile stable/11/tests/sys/geom/class/eli/conf.sh stable/11/tests/sys/geom/class/eli/delkey_test.sh stable/11/tests/sys/geom/class/eli/init_test.sh stable/11/tests/sys/geom/class/eli/kill_test.sh stable/11/tests/sys/geom/class/eli/onetime_test.sh stable/11/tests/sys/geom/class/eli/resize_test.sh stable/11/tests/sys/geom/class/eli/setkey_test.sh Directory Properties: stable/11/ (props changed) Modified: stable/11/ObsoleteFiles.inc ============================================================================== --- stable/11/ObsoleteFiles.inc Fri Feb 2 21:52:00 2018 (r328810) +++ 
stable/11/ObsoleteFiles.inc Fri Feb 2 21:57:00 2018 (r328811) @@ -38,6 +38,22 @@ # xargs -n1 | sort | uniq -d; # done +# 20180202: Convert geli(8) tests to ATF +OLD_FILES+=tests/sys/geom/class/eli/nokey_test.sh +OLD_FILES+=tests/sys/geom/class/eli/readonly_test.sh +OLD_FILES+=tests/sys/geom/class/eli/attach_d_test.sh +OLD_FILES+=tests/sys/geom/class/eli/configure_b_B_test.sh +OLD_FILES+=tests/sys/geom/class/eli/detach_l_test.sh +OLD_FILES+=tests/sys/geom/class/eli/init_B_test.sh +OLD_FILES+=tests/sys/geom/class/eli/init_J_test.sh +OLD_FILES+=tests/sys/geom/class/eli/init_a_test.sh +OLD_FILES+=tests/sys/geom/class/eli/init_alias_test.sh +OLD_FILES+=tests/sys/geom/class/eli/init_i_P_test.sh +OLD_FILES+=tests/sys/geom/class/eli/integrity_copy_test.sh +OLD_FILES+=tests/sys/geom/class/eli/integrity_data_test.sh +OLD_FILES+=tests/sys/geom/class/eli/integrity_hmac_test.sh +OLD_FILES+=tests/sys/geom/class/eli/onetime_a_test.sh +OLD_FILES+=tests/sys/geom/class/eli/onetime_d_test.sh # 20171226: new clang import which bumps version from 5.0.0 to 5.0.1. OLD_FILES+=usr/lib/clang/5.0.0/include/sanitizer/allocator_interface.h OLD_FILES+=usr/lib/clang/5.0.0/include/sanitizer/asan_interface.h Modified: stable/11/tests/sys/geom/class/eli/Makefile ============================================================================== --- stable/11/tests/sys/geom/class/eli/Makefile Fri Feb 2 21:52:00 2018 (r328810) +++ stable/11/tests/sys/geom/class/eli/Makefile Fri Feb 2 21:57:00 2018 (r328811) 
@@ -7,36 +7,16 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/geom/class/${.CURDIR:T} ATF_TESTS_C= pbkdf2_test - -TAP_TESTS_SH+= attach_d_test -TAP_TESTS_SH+= configure_b_B_test -TAP_TESTS_SH+= delkey_test -TAP_TESTS_SH+= detach_l_test -TAP_TESTS_SH+= init_B_test -TAP_TESTS_SH+= init_J_test -TAP_TESTS_SH+= init_a_test -TAP_TESTS_SH+= init_alias_test -TAP_TESTS_SH+= init_i_P_test -TAP_TESTS_SH+= init_test -TAP_TESTS_SH+= integrity_copy_test -TAP_TESTS_SH+= integrity_data_test -TAP_TESTS_SH+= integrity_hmac_test -TAP_TESTS_SH+= kill_test -TAP_TESTS_SH+= nokey_test -TAP_TESTS_SH+= onetime_a_test -TAP_TESTS_SH+= onetime_d_test -TAP_TESTS_SH+= onetime_test -TAP_TESTS_SH+= readonly_test -TAP_TESTS_SH+= resize_test -TAP_TESTS_SH+= setkey_test - -TEST_METADATA.init_a_test+= timeout="1200" -TEST_METADATA.init_test+= timeout="300" -TEST_METADATA.integrity_copy_test+= timeout="1200" -TEST_METADATA.integrity_data_test+= timeout="600" -TEST_METADATA.integrity_hmac_test+= timeout="600" -TEST_METADATA.onetime_a_test+= timeout="600" -TEST_METADATA.onetime_test+= timeout="600" +ATF_TESTS_SH+= attach_test +ATF_TESTS_SH+= configure_test +ATF_TESTS_SH+= delkey_test +ATF_TESTS_SH+= detach_test +ATF_TESTS_SH+= init_test +ATF_TESTS_SH+= integrity_test +ATF_TESTS_SH+= kill_test +ATF_TESTS_SH+= onetime_test +ATF_TESTS_SH+= resize_test +ATF_TESTS_SH+= setkey_test ${PACKAGE}FILES+= conf.sh Copied and modified: stable/11/tests/sys/geom/class/eli/attach_test.sh (from r327662, head/tests/sys/geom/class/eli/attach_test.sh) ============================================================================== --- head/tests/sys/geom/class/eli/attach_test.sh Sun Jan 7 00:44:22 2018 (r327662, copy source) +++ stable/11/tests/sys/geom/class/eli/attach_test.sh Fri Feb 2 21:57:00 2018 (r328811) 
@@ -39,7 +39,62 @@ attach_d_cleanup() geli_test_cleanup } +atf_test_case attach_r cleanup +attach_r_head() +{ + atf_set "descr" "geli attach -r will create a readonly provider" + atf_set "require.user" "root" +} +attach_r_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + atf_check geli init -B none -P -K keyfile ${md} + atf_check geli attach -r -p -k keyfile ${md} + + atf_check -o match:"^Flags: .*READ-ONLY" geli list ${md}.eli + + # Verify that writes are verbotten + atf_check -s not-exit:0 -e match:"Read-only" \ + dd if=/dev/zero of=/dev/${md}.eli count=1 +} +attach_r_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_test_case nokey cleanup +nokey_head() +{ + atf_set "descr" "geli attach fails if called with no key component" + atf_set "require.user" "root" +} +nokey_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + atf_check geli init -B none -P -K keyfile ${md} + atf_check -s not-exit:0 -e match:"No key components given" \ + geli attach -p ${md} 2>/dev/null +} +nokey_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + atf_init_test_cases() { atf_add_test_case attach_d + atf_add_test_case attach_r + atf_add_test_case nokey } Modified: stable/11/tests/sys/geom/class/eli/conf.sh ============================================================================== --- stable/11/tests/sys/geom/class/eli/conf.sh Fri Feb 2 21:52:00 2018 (r328810) +++ stable/11/tests/sys/geom/class/eli/conf.sh Fri Feb 2 21:57:00 2018 (r328811) 
@@ -2,21 +2,40 @@ # $FreeBSD$ class="eli" -base=`basename $0` +base=$(atf_get ident) +MAX_SECSIZE=8192 +TEST_MDS_FILE=md.devs -# We need to use linear probing in order to detect the first available md(4) -# device instead of using mdconfig -a -t, because geli(8) attachs md(4) devices -no=0 -while [ -c /dev/md$no ]; do - : $(( no += 1 )) -done +attach_md() +{ + local test_md + test_md=$(mdconfig -a "$@") || atf_fail "failed to allocate md(4)" + echo $test_md >> $TEST_MDS_FILE || exit + echo $test_md +} + # Execute `func` for each combination of cipher, sectorsize, and hmac algo # `func` usage should be: # func for_each_geli_config() { func=$1 + backing_filename=$2 + # Double the sector size to allow for the HMACs' storage space. + osecsize=$(( $MAX_SECSIZE * 2 )) + # geli needs 512B for the label. + bytes=`expr $osecsize \* $sectors + 512`b + + if [ -n "$backing_filename" ]; then + # Use a file-backed md(4) device, so we can deliberatly corrupt + # it without detaching the geli device first. + truncate -s $bytes backing_file + md=$(attach_md -t vnode -f backing_file) + else + md=$(attach_md -t malloc -s $bytes) + fi + for cipher in aes-xts:128 aes-xts:256 \ aes-cbc:128 aes-cbc:192 aes-cbc:256 \ 3des-cbc:192 \ @@ -29,8 +48,9 @@ for_each_geli_config() { keylen=${cipher##*:} for aalgo in hmac/md5 hmac/sha1 hmac/ripemd160 hmac/sha256 \ hmac/sha384 hmac/sha512; do - for secsize in 512 1024 2048 4096 8192; do + for secsize in 512 1024 2048 4096 $MAX_SECSIZE; do ${func} $cipher $aalgo $secsize + geli detach ${md} 2>/dev/null done done done @@ -42,6 +62,9 @@ for_each_geli_config() { for_each_geli_config_nointegrity() { func=$1 + # geli needs 512B for the label. + bytes=`expr $MAX_SECSIZE \* $sectors + 512`b + md=$(attach_md -t malloc -s $bytes) for cipher in aes-xts:128 aes-xts:256 \ aes-cbc:128 aes-cbc:192 aes-cbc:256 \ 3des-cbc:192 \ 
@@ -52,8 +75,9 @@ for_each_geli_config_nointegrity() { camellia-cbc:128 camellia-cbc:192 camellia-cbc:256; do ealgo=${cipher%%:*} keylen=${cipher##*:} - for secsize in 512 1024 2048 4096 8192; do - ${func} $cipher $aalgo $secsize + for secsize in 512 1024 2048 4096 $MAX_SECSIZE; do + ${func} $cipher $secsize + geli detach ${md} 2>/dev/null done done } @@ -61,9 +85,14 @@ for_each_geli_config_nointegrity() { geli_test_cleanup() { - [ -c /dev/md${no}.eli ] && geli detach md${no}.eli - mdconfig -d -u $no + if [ -f "$TEST_MDS_FILE" ]; then + while read md; do + [ -c /dev/${md}.eli ] && \ + geli detach $md.eli 2>/dev/null + mdconfig -d -u $md 2>/dev/null + done < $TEST_MDS_FILE + fi + true } -trap geli_test_cleanup ABRT EXIT INT TERM . `dirname $0`/../geom_subr.sh Copied: stable/11/tests/sys/geom/class/eli/configure_test.sh (from r327662, head/tests/sys/geom/class/eli/configure_test.sh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/11/tests/sys/geom/class/eli/configure_test.sh Fri Feb 2 21:57:00 2018 (r328811, copy of r327662, head/tests/sys/geom/class/eli/configure_test.sh) 
@@ -0,0 +1,59 @@ +# $FreeBSD$ + +atf_test_case configure_b_B cleanup +configure_b_B_head() +{ + atf_set "descr" "geli configure -b will set the BOOT flag" + atf_set "require.user" "root" +} +configure_b_B_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + + atf_check geli init -B none -P -K /dev/null ${md} + + atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + + atf_check geli init -B none -b -P -K /dev/null ${md} + + atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + + atf_check geli configure -B ${md} + + atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + + atf_check geli configure -b ${md} + + atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + + atf_check geli attach -p -k /dev/null ${md} + + atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli + + atf_check geli configure -B ${md} + + atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli + + atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + + atf_check geli configure -b ${md} + + atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli + + atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + + atf_check geli detach ${md} +} +configure_b_B_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case configure_b_B +} Modified: stable/11/tests/sys/geom/class/eli/delkey_test.sh ============================================================================== --- stable/11/tests/sys/geom/class/eli/delkey_test.sh Fri Feb 2 21:52:00 2018 (r328810) +++ stable/11/tests/sys/geom/class/eli/delkey_test.sh Fri Feb 2 21:57:00 2018 (r328811) 
@@ -1,140 +1,114 @@ #!/bin/sh # $FreeBSD$ -. $(dirname $0)/conf.sh +atf_test_case delkey cleanup +delkey_head() +{ + atf_set "descr" "geli delkey can destroy the master key" + atf_set "require.user" "root" +} +delkey_body() +{ + . $(atf_get_srcdir)/conf.sh -base=`basename $0` -sectors=100 -keyfile1=`mktemp $base.XXXXXX` || exit 1 -keyfile2=`mktemp $base.XXXXXX` || exit 1 -keyfile3=`mktemp $base.XXXXXX` || exit 1 -keyfile4=`mktemp $base.XXXXXX` || exit 1 -mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1 + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) -echo "1..14" + atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none + atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none + atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none + atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none -dd if=/dev/random of=${keyfile1} bs=512 count=16 >/dev/null 2>&1 -dd if=/dev/random of=${keyfile2} bs=512 count=16 >/dev/null 2>&1 -dd if=/dev/random of=${keyfile3} bs=512 count=16 >/dev/null 2>&1 -dd if=/dev/random of=${keyfile4} bs=512 count=16 >/dev/null 2>&1 + atf_check geli init -B none -P -K keyfile1 ${md} + atf_check geli attach -p -k keyfile1 ${md} + atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md} -geli init -B none -P -K $keyfile1 md${no} -geli attach -p -k $keyfile1 md${no} -geli setkey -n 1 -P -K $keyfile2 md${no} + # Remove key 0 for attached provider. + atf_check geli delkey -n 0 ${md} + atf_check geli detach ${md} -# Remove key 0 for attached provider. -geli delkey -n 0 md${no} -if [ $? -eq 0 ]; then - echo "ok 1" -else - echo "not ok 1" -fi -geli detach md${no} + # We cannot use keyfile1 anymore. + atf_check -s not-exit:0 -e match:"Wrong key" \ + geli attach -p -k keyfile1 ${md} -# We cannot use keyfile1 anymore. -geli attach -p -k $keyfile1 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 2" -else - echo "not ok 2" -fi + # Attach with key 1. 
+ atf_check geli attach -p -k keyfile2 ${md} -# Attach with key 1. -geli attach -p -k $keyfile2 md${no} -if [ $? -eq 0 ]; then - echo "ok 3" -else - echo "not ok 3" -fi + # We cannot remove last key without -f option (for attached provider). + atf_check -s not-exit:0 -e match:"This is the last Master Key" \ + geli delkey -n 1 ${md} -# We cannot remove last key without -f option (for attached provider). -geli delkey -n 1 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 4" -else - echo "not ok 4" -fi + # Remove last key for attached provider. + atf_check geli delkey -f -n 1 ${md} -# Remove last key for attached provider. -geli delkey -f -n 1 md${no} -if [ $? -eq 0 ]; then - echo "ok 5" -else - echo "not ok 5" -fi + # If there are no valid keys, but provider is attached, we can save situation. + atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md} + atf_check geli detach ${md} -# If there are no valid keys, but provider is attached, we can save situation. -geli setkey -n 0 -P -K $keyfile3 md${no} -if [ $? -eq 0 ]; then - echo "ok 6" -else - echo "not ok 6" -fi -geli detach md${no} + # We cannot use keyfile2 anymore. + atf_check -s not-exit:0 -e match:"Wrong key" \ + geli attach -p -k keyfile2 ${md} -# We cannot use keyfile2 anymore. -geli attach -p -k $keyfile2 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 7" -else - echo "not ok 7" -fi + # Attach with key 0. + atf_check geli attach -p -k keyfile3 ${md} -# Attach with key 0. -geli attach -p -k $keyfile3 md${no} -if [ $? -eq 0 ]; then - echo "ok 8" -else - echo "not ok 8" -fi + # Setup key 1. + atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md} + atf_check geli detach ${md} -# Setup key 1. -geli setkey -n 1 -P -K $keyfile4 md${no} -if [ $? -eq 0 ]; then - echo "ok 9" -else - echo "not ok 9" -fi -geli detach md${no} + # Remove key 1 for detached provider. + atf_check geli delkey -n 1 ${md} -# Remove key 1 for detached provider. -geli delkey -n 1 md${no} -if [ $? 
-eq 0 ]; then - echo "ok 10" -else - echo "not ok 10" -fi + # We cannot use keyfile4 anymore. + atf_check -s not-exit:0 -e match:"Wrong key" \ + geli attach -p -k keyfile4 ${md} -# We cannot use keyfile4 anymore. -geli attach -p -k $keyfile4 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 11" -else - echo "not ok 11" -fi + # We cannot remove last key without -f option (for detached provider). + atf_check -s not-exit:0 -e match:"This is the last Master Key" \ + geli delkey -n 0 ${md} -# We cannot remove last key without -f option (for detached provider). -geli delkey -n 0 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 12" -else - echo "not ok 12" -fi + # Remove last key for detached provider. + atf_check geli delkey -f -n 0 ${md} -# Remove last key for detached provider. -geli delkey -f -n 0 md${no} -if [ $? -eq 0 ]; then - echo "ok 13" -else - echo "not ok 13" -fi + # We cannot use keyfile3 anymore. + atf_check -s not-exit:0 -e match:"No valid keys" \ + geli attach -p -k keyfile3 ${md} +} +delkey_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} -# We cannot use keyfile3 anymore. -geli attach -p -k $keyfile3 md${no} 2>/dev/null -if [ $? -ne 0 ]; then - echo "ok 14" -else - echo "not ok 14" -fi +atf_test_case delkey_readonly cleanup +delkey_readonly_head() +{ + atf_set "descr" "geli delkey cannot work on a read-only provider" + atf_set "require.user" "root" +} +delkey_readonly_body() +{ + . $(atf_get_srcdir)/conf.sh -rm -f $keyfile1 $keyfile2 $keyfile3 $keyfile4 + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + atf_check geli init -B none -P -K keyfile ${md} + atf_check geli attach -r -p -k keyfile ${md} + + atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md} + # Even with -f (force) it should still fail + atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md} +} +delkey_readonly_cleanup() +{ + . 
$(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case delkey + atf_add_test_case delkey_readonly +} Copied: stable/11/tests/sys/geom/class/eli/detach_test.sh (from r327662, head/tests/sys/geom/class/eli/detach_test.sh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/11/tests/sys/geom/class/eli/detach_test.sh Fri Feb 2 21:57:00 2018 (r328811, copy of r327662, head/tests/sys/geom/class/eli/detach_test.sh) @@ -0,0 +1,46 @@ +# $FreeBSD$ + +atf_test_case detach_l cleanup +detach_l_head() +{ + atf_set "descr" "geli detach -l will cause a provider to detach on last close" + atf_set "require.user" "root" +} +detach_l_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + atf_check geli init -B none -P -K keyfile ${md} + atf_check geli attach -p -k keyfile ${md} + + # Be sure it doesn't detach before 'detach -l'. + atf_check dd if=/dev/${md}.eli of=/dev/null status=none + sleep 1 + if [ ! -c /dev/${md}.eli ]; then + atf_fail "provider detached on last close without detach -l" + fi + atf_check geli detach -l ${md} + if [ ! -c /dev/${md}.eli ]; then + atf_fail "Provider detached before last close" + fi + atf_check dd if=/dev/${md}.eli of=/dev/null status=none + sleep 1 + if [ -c /dev/${md}.eli ]; then + atf_fail "Provider did not detach on last close" + fi +} +detach_l_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_init_test_cases() +{ + atf_add_test_case detach_l +} Modified: stable/11/tests/sys/geom/class/eli/init_test.sh ============================================================================== --- stable/11/tests/sys/geom/class/eli/init_test.sh Fri Feb 2 21:52:00 2018 (r328810) +++ stable/11/tests/sys/geom/class/eli/init_test.sh Fri Feb 2 21:57:00 2018 (r328811) 
@@ -1,55 +1,392 @@ #!/bin/sh # $FreeBSD$ -. $(dirname $0)/conf.sh +init_test() +{ + cipher=$1 + secsize=$2 + ealgo=${cipher%%:*} + keylen=${cipher##*:} -base=`basename $0` -sectors=32 -keyfile=`mktemp $base.XXXXXX` || exit 1 -rnd=`mktemp $base.XXXXXX` || exit 1 + atf_check -s exit:0 -e ignore \ + geli init -B none -e $ealgo -l $keylen -P -K keyfile \ + -s $secsize ${md} + atf_check geli attach -p -k keyfile ${md} -echo "1..200" + atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} \ + status=none -do_test() { + md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` + atf_check_equal 0 $? + md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` + atf_check_equal 0 $? + md_edev=`dd if=/dev/${md} bs=${secsize} count=${sectors} status=none | md5` + atf_check_equal 0 $? + + if [ ${md_rnd} != ${md_ddev} ]; then + atf_fail "Miscompare for ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi + if [ ${md_rnd} == ${md_edev} ]; then + atf_fail "Data was not encrypted for ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi +} +atf_test_case init cleanup +init_head() +{ + atf_set "descr" "Basic I/O with geli" + atf_set "require.user" "root" + atf_set "timeout" 600 +} +init_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=32 + + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=${sectors} \ + status=none + for_each_geli_config_nointegrity init_test +} +init_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_test_case init_B cleanup +init_B_head() +{ + atf_set "descr" "init -B can select an alternate backup metadata file" + atf_set "require.user" "root" +} +init_B_body() +{ + . 
$(atf_get_srcdir)/conf.sh + + sectors=100 + + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + md=$(attach_md -t malloc -s $sectors) + + # -B none + rm -f /var/backups/${md}.eli + atf_check -s exit:0 -o ignore geli init -B none -P -K keyfile ${md} + if [ -f /var/backups/${md}.eli ]; then + atf_fail "geli created a backup file even with -B none" + fi + + # no -B + rm -f /var/backups/${md}.eli + atf_check -s exit:0 -o ignore geli init -P -K keyfile ${md} + if [ ! -f /var/backups/${md}.eli ]; then + atf_fail "geli did not create a backup file" + fi + atf_check geli clear ${md} + atf_check -s not-exit:0 -e ignore geli attach -p -k keyfile ${md} + atf_check -s exit:0 -o ignore geli restore /var/backups/${md}.eli ${md} + atf_check -s exit:0 -o ignore geli attach -p -k keyfile ${md} + atf_check geli detach ${md} + rm -f /var/backups/${md}.eli + + # -B file + rm -f backupfile + atf_check -s exit:0 -o ignore \ + geli init -B backupfile -P -K keyfile ${md} + if [ ! -f backupfile ]; then + atf_fail "geli init -B did not create a backup file" + fi + atf_check geli clear ${md} + atf_check -s not-exit:0 -e ignore geli attach -p -k keyfile ${md} + atf_check geli restore backupfile ${md} + atf_check geli attach -p -k keyfile ${md} +} +init_B_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_test_case init_J cleanup +init_J_head() +{ + atf_set "descr" "init -J accepts a passfile" + atf_set "require.user" "root" +} +init_J_body() +{ + . $(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + + atf_check dd if=/dev/random of=keyfile0 bs=512 count=16 status=none + atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none + dd if=/dev/random bs=512 count=16 status=none | sha1 > passfile0 + atf_check_equal 0 $? + dd if=/dev/random bs=512 count=16 status=none | sha1 > passfile1 + atf_check_equal 0 $? 
+ + for iter in -1 0 64; do + atf_check -s not-exit:0 -e ignore \ + geli init -i ${iter} -B none -J passfile0 -P ${md} + atf_check -s not-exit:0 -e ignore \ + geli init -i ${iter} -B none -J passfile0 -P -K keyfile0 ${md} + atf_check geli init -i ${iter} -B none -J passfile0 -K keyfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -p ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j keyfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k passfile0 -p ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j keyfile0 -k passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j keyfile0 -k keyfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j passfile0 -k passfile0 ${md} + atf_check -s exit:0 -e ignore \ + geli attach -j passfile0 -k keyfile0 ${md} + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat keyfile0 | geli attach -j passfile0 -k - ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat passfile0 | geli attach -j - -k keyfile0 ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + + atf_check -s not-exit:0 -e ignore \ + geli init -i ${iter} -B none -J passfile0 -J passfile1 -P ${md} + atf_check -s not-exit:0 -e ignore \ + geli init -i ${iter} -B none -J passfile0 -J passfile1 -P -K keyfile0 -K keyfile1 ${md} + atf_check -s exit:0 -e ignore \ + geli init -i ${iter} -B none -J passfile0 -J passfile1 -K keyfile0 -K keyfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -p ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -p ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -k keyfile1 -p ${md} + atf_check -s not-exit:0 
-e ignore \ + geli attach -j passfile0 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -j passfile0 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -j passfile0 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -k keyfile1 -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -k keyfile1 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -k keyfile0 -j passfile0 -j passfile1 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile0 -k keyfile1 -j passfile1 -j passfile0 ${md} + atf_check -s not-exit:0 -e ignore \ + geli attach -k keyfile1 -k keyfile0 -j passfile1 -j passfile0 ${md} + atf_check -s exit:0 -e ignore \ + geli attach -j passfile0 -j passfile1 -k keyfile0 -k keyfile1 ${md} + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat passfile0 | geli attach -j - -j passfile1 -k keyfile0 -k keyfile1 ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat passfile1 | geli attach -j passfile0 -j - -k keyfile0 -k keyfile1 ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat keyfile0 | geli attach -j passfile0 -j passfile1 -k - -k keyfile1 ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat keyfile1 | geli attach -j passfile0 -j passfile1 -k keyfile0 -k - ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat keyfile0 keyfile1 | geli attach -j 
passfile0 -j passfile1 -k - ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + atf_check -s exit:0 -e ignore -x \ + "cat passfile0 passfile1 | awk '{printf \"%s\", \$0}' | geli attach -j - -k keyfile0 -k keyfile1 ${md}" + atf_check -s exit:0 -e ignore geli detach ${md} + done +} +init_J_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +init_a_test() +{ cipher=$1 - secsize=$2 + aalgo=$2 + secsize=$3 ealgo=${cipher%%:*} keylen=${cipher##*:} - mdconfig -a -t malloc -s `expr $secsize \* $sectors + 512`b -u $no || exit 1 + atf_check -s exit:0 -e ignore \ + geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K keyfile \ + -s $secsize ${md} + atf_check geli attach -p -k keyfile ${md} - geli init -B none -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null - geli attach -p -k $keyfile md${no} + atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none - secs=`diskinfo /dev/md${no}.eli | awk '{print $4}'` + md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5` + atf_check_equal 0 $? + md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${sectors} status=none | md5` + atf_check_equal 0 $? - dd if=/dev/random of=${rnd} bs=${secsize} count=${secs} >/dev/null 2>&1 - dd if=${rnd} of=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null + if [ ${md_rnd} != ${md_ddev} ]; then + atf_fail "Miscompare for aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + fi +} +atf_test_case init_a cleanup +init_a_head() +{ + atf_set "descr" "I/O with geli and HMACs" + atf_set "require.user" "root" + atf_set "timeout" 3600 +} +init_a_body() +{ + . 
$(atf_get_srcdir)/conf.sh - md_rnd=`dd if=${rnd} bs=${secsize} count=${secs} 2>/dev/null | md5` - md_ddev=`dd if=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null | md5` - md_edev=`dd if=/dev/md${no} bs=${secsize} count=${secs} 2>/dev/null | md5` + sectors=100 - if [ ${md_rnd} = ${md_ddev} ]; then - echo "ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}" - else - echo "not ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=${sectors} \ + status=none + for_each_geli_config init_a_test + true +} +init_a_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +init_alias_test() { + ealgo=$1 + keylen=$2 + expected_ealgo=$3 + expected_keylen=$4 + + atf_check geli init -B none -e $ealgo -l $keylen -P -K keyfile ${md} + atf_check geli attach -p -k keyfile ${md} + real_ealgo=`geli list ${md}.eli | awk '/EncryptionAlgorithm/ {print $2}'` + real_keylen=`geli list ${md}.eli | awk '/KeyLength/ {print $2}'` + + if [ "${real_ealgo}" != "${expected_ealgo}" ]; then + atf_fail "expected ${expected_ealgo} but got ${real_ealgo}" fi - i=$((i+1)) - if [ ${md_rnd} != ${md_edev} ]; then - echo "ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}" - else - echo "not ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}" + + if [ "${real_keylen}" != "${expected_keylen}" ]; then + atf_fail "expected ${expected_keylen} but got ${real_keylen}" fi - i=$((i+1)) + atf_check geli detach ${md} +} +atf_test_case init_alias cleanup +init_alias_head() +{ + atf_set "descr" "geli init accepts cipher aliases" + atf_set "require.user" "root" +} +init_alias_body() +{ + . 
$(atf_get_srcdir)/conf.sh - geli detach md${no} - mdconfig -d -u $no + md=$(attach_md -t malloc -s 1024k) + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + for spec in aes:0:AES-XTS:128 aes:128:AES-XTS:128 aes:256:AES-XTS:256 \ + 3des:0:3DES-CBC:192 3des:192:3DES-CBC:192 \ + blowfish:0:Blowfish-CBC:128 blowfish:128:Blowfish-CBC:128 \ + blowfish:160:Blowfish-CBC:160 blowfish:192:Blowfish-CBC:192 \ + blowfish:224:Blowfish-CBC:224 blowfish:256:Blowfish-CBC:256 \ + blowfish:288:Blowfish-CBC:288 blowfish:352:Blowfish-CBC:352 \ + blowfish:384:Blowfish-CBC:384 blowfish:416:Blowfish-CBC:416 \ + blowfish:448:Blowfish-CBC:448 \ + camellia:0:CAMELLIA-CBC:128 camellia:128:CAMELLIA-CBC:128 \ + camellia:256:CAMELLIA-CBC:256 ; do + + ealgo=`echo $spec | cut -d : -f 1` + keylen=`echo $spec | cut -d : -f 2` + expected_ealgo=`echo $spec | cut -d : -f 3` + expected_keylen=`echo $spec | cut -d : -f 4` + + init_alias_test $ealgo $keylen $expected_ealgo $expected_keylen + done } +init_alias_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} -i=1 -dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1 -for_each_geli_config_nointegrity do_test +atf_test_case init_i_P cleanup +init_i_P_head() +{ + atf_set "descr" "geli: Options -i and -P are mutually exclusive" + atf_set "require.user" "root" +} +init_i_P_body() +{ + . $(atf_get_srcdir)/conf.sh -rm -f $rnd -rm -f $keyfile + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + + atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none + + atf_check -s not-exit:0 -e "match:Options -i and -P are mutually exclusive"\ + geli init -B none -i 64 -P -K keyfile $md +} +init_i_P_cleanup() +{ + . $(atf_get_srcdir)/conf.sh + geli_test_cleanup +} + +atf_test_case nokey cleanup +nokey_head() +{ + atf_set "descr" "geli init fails if called with no key component" + atf_set "require.user" "root" +} +nokey_body() +{ + . 
$(atf_get_srcdir)/conf.sh + + sectors=100 + md=$(attach_md -t malloc -s `expr $sectors + 1`) + + atf_check -s not-exit:0 -e match:"No key components given" \ + geli init -B none -P ${md} +} +nokey_cleanup() *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
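Review bot: In the init_J loop, the negative init checks combine -i ${iter}, -J and -P in one command (geli init -i ${iter} -B none -J passfile0 -P ${md}), so they may fail on the -i/-P exclusivity that init_i_P in this same patch covers rather than on the -J/-P conflict they are meant to exercise. Because every negative case uses -s not-exit:0 -e ignore, any failure satisfies it, including a missing file or provider in the attach cases. Consider dropping -i from the -P cases, or replacing -e ignore with a match: on the expected message as init_i_P does.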
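Review bot: In init_a_test, the atf_check_equal 0 $? lines that follow the md_rnd and md_ddev assignments only see the exit status of md5, the last command in each pipeline, so a failed dd read of rnd or /dev/${md}.eli goes unnoticed and the digests are then computed over short or empty input. The comparison [ ${md_rnd} != ${md_ddev} ] is also unquoted, so an empty digest can make [ error out instead of comparing, and the atf_fail branch is then not taken. Quote both sides as init_alias_test does, and check the dd read separately (for example by reading into a file with atf_check before hashing it).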
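Review bot: In init_alias_test, the atf_fail messages ("expected ${expected_ealgo} but got ${real_ealgo}" and the keylen equivalent) omit the ealgo and keylen that were passed to geli init. Several specs in the init_alias_body loop share the same expected values (aes:0 and aes:128 both expect AES-XTS:128, and likewise for the 3des, blowfish and camellia defaults), so a failure cannot be tied to one spec from the message alone. Include the input ealgo and keylen in both messages.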
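Review bot: Style point in init_i_P_body and nokey_body: the stderr matcher is written two different ways, -e "match:Options -i and -P are mutually exclusive"\ with the continuation backslash directly against the closing quote, and -e match:"No key components given" with the quotes after the prefix. Both work, but use one form and put a space before the backslash, as the other continued atf_check lines in this patch do.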