4 # Copyright (C) 2019 Red Hat, Inc.
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 owner
=mlevitsk@redhat.com
24 echo "QA output created by $seq"
26 status
=1 # failure is the default!
32 trap "_cleanup; exit \$status" 0 1 2 3 15
34 # get standard environment, filters and checks
39 _supported_proto
file fuse
#TODO
41 QEMU_IO_OPTIONS
=$QEMU_IO_OPTIONS_NO_FMT
43 # you are supposed to see the password as *******, see :-)
44 S0
="--object secret,id=sec0,data=hunter0"
45 S1
="--object secret,id=sec1,data=hunter1"
49 IMGS0
="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec0"
50 IMGS1
="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec1"
52 echo "== creating a test image =="
53 _make_test_img
$S0 -o "key-secret=sec0,iter-time=10" 32M
56 echo "== test that key 0 opens the image =="
57 $QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
60 echo "== adding a password to slot 1 =="
61 $QEMU_IMG amend
$SECRETS $IMGS0 -o state
=active
,new-secret
=sec1
,keyslot
=1,iter-time
=10
64 echo "== 'backup' the image header =="
65 dd if=$TEST_IMG_FILE of
=${TEST_IMG_FILE}.bk bs
=4K skip
=0 count
=1
68 echo "== erase slot 0 =="
69 $QEMU_IMG amend
$SECRETS $IMGS1 -o state
=inactive
,keyslot
=0 | _filter_img_create
72 echo "== test that key 0 doesn't open the image =="
73 $QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
76 echo "== 'restore' the image header =="
77 dd if=${TEST_IMG_FILE}.bk of
=${TEST_IMG_FILE} bs
=4K skip
=0 count
=1 conv
=notrunc
80 echo "== test that key 0 still doesn't open the image (key material is erased) =="
81 $QEMU_IO $SECRETS -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
84 echo "== test that key 1 still works =="
85 $QEMU_IO $SECRETS -c "read 0 4096" $IMGS1 | _filter_qemu_io | _filter_testdir