summaryrefslogtreecommitdiffstats
path: root/debian/tests/cryptdisks.init
diff options
context:
space:
mode:
Diffstat (limited to 'debian/tests/cryptdisks.init')
-rwxr-xr-xdebian/tests/cryptdisks.init84
1 files changed, 84 insertions, 0 deletions
diff --git a/debian/tests/cryptdisks.init b/debian/tests/cryptdisks.init
new file mode 100755
index 0000000..408c325
--- /dev/null
+++ b/debian/tests/cryptdisks.init
@@ -0,0 +1,84 @@
+#!/bin/bash
+
+set -eu
+PATH="/usr/bin:/bin:/usr/sbin:/sbin"
+export PATH
+
+if [ -d /run/systemd/system ]; then
+ export SYSTEMCTL_SKIP_REDIRECT="y"
+ # systemd masks cryptdisks.service and we can't unmask it because /etc/init.d is the only source
+ rm -f -- $(systemctl show -p FragmentPath --value cryptdisks.service)
+ systemctl daemon-reload
+fi
+
+# create 64M zero devices
+dmsetup create disk0 --table "0 $(( 64 * 2*1024)) zero"
+dmsetup create disk1 --table "0 $(( 64 * 2*1024)) zero"
+dmsetup create disk2 --table "0 $(( 64 * 2*1024)) zero"
+dmsetup create disk3 --table "0 $((128 * 2*1024)) zero"
+
+# join disk #1 and #2
+dmsetup create disk12 <<-EOF
+ 0 $((64 * 2*1024)) linear /dev/mapper/disk1 0
+ $((64 * 2*1024)) $((64 * 2*1024)) linear /dev/mapper/disk2 0
+EOF
+
+cipher="aes-cbc-essiv:sha256"
+size=32 # bytes
+cat >/etc/crypttab <<-EOF
+ crypt_disk0 /dev/mapper/disk0 /dev/urandom plain,cipher=$cipher,size=$((8*size))
+ crypt_disk0a /dev/mapper/crypt_disk0 /dev/urandom plain,cipher=$cipher,size=$((8*size))
+ crypt_disk12 /dev/mapper/disk12 /dev/urandom plain,cipher=$cipher,size=$((8*size))
+ crypt_disk3 /dev/mapper/disk3 /dev/urandom plain,cipher=$cipher,size=$((8*size))
+ crypt_disk3b /dev/mapper/crypt_disk3 /dev/urandom plain,cipher=$cipher,size=$((8*size)),offset=$(( 64 * 2*1024))
+ crypt_disk3b0 /dev/mapper/crypt_disk3b /dev/urandom plain,cipher=$cipher,size=$((8*size))
+EOF
+
+/etc/init.d/cryptdisks start
+
+# now add crypt_disk3a (preceeding crypt_disk3b) with a size limit (can't do that via crypttab but dmsetup allows it)
+dmsetup create crypt_disk3a --uuid "CRYPT-PLAIN-crypt_disk3a" --addnodeoncreate <<-EOF
+ 0 $((64 * 2*1024)) crypt $cipher $(xxd -l$size -ps -c256 </dev/urandom) 0 /dev/mapper/crypt_disk3 0
+EOF
+
+lsblk
+# disk0 253:0 0 64M 0 dm
+# └─crypt_disk0 253:5 0 64M 0 crypt
+# └─crypt_disk0a 253:6 0 64M 0 crypt
+# disk1 253:1 0 64M 0 dm
+# └─disk12 253:4 0 128M 0 dm
+# └─crypt_disk12 253:7 0 128M 0 crypt
+# disk2 253:2 0 64M 0 dm
+# └─disk12 253:4 0 128M 0 dm
+# └─crypt_disk12 253:7 0 128M 0 crypt
+#disk3 253:3 0 128M 0 dm
+#└─crypt_disk3 253:8 0 128M 0 crypt
+# ├─crypt_disk3b 253:9 0 64M 0 crypt
+# │ └─crypt_disk3b0 253:10 0 64M 0 crypt
+# └─crypt_disk3a 253:11 0 64M 0 dm
+
+# check device-mapper table (crypt target only)
+# https://gitlab.com/cryptsetup/cryptsetup/-/wikis/DMCrypt
+# <start_sector> <size> "crypt" <target mapping table> <cipher> <key> <iv_offset> <device path> <offset> [<#opt_params> <opt_params>]
+dmsetup table --target="crypt" >"$AUTOPKGTEST_TMP/table"
+sed -ri "s/\\s+0{$((2*size))}(\\s+[0-9]+)\\s+[0-9]+:[0-9]+(\s|$)/\\1\\2/" -- "$AUTOPKGTEST_TMP/table"
+LC_ALL=C sort -t: -k1,1 <"$AUTOPKGTEST_TMP/table" >"$AUTOPKGTEST_TMP/table2"
+
+diff -u --color=auto --label="a/table" --label="b/table" -- - "$AUTOPKGTEST_TMP/table2" <<-EOF
+ crypt_disk0: 0 $((64 * 2*1024)) crypt $cipher 0 0
+ crypt_disk0a: 0 $((64 * 2*1024)) crypt $cipher 0 0
+ crypt_disk12: 0 $((2*64 * 2*1024)) crypt $cipher 0 0
+ crypt_disk3: 0 $((128 * 2*1024)) crypt $cipher 0 0
+ crypt_disk3a: 0 $((64 * 2*1024)) crypt $cipher 0 0
+ crypt_disk3b: 0 $((64 * 2*1024)) crypt $cipher 0 $((64 * 2*1024))
+ crypt_disk3b0: 0 $((64 * 2*1024)) crypt $cipher 0 0
+EOF
+
+# close disks and ensure there no leftover devices
+/etc/init.d/cryptdisks stop
+dmsetup table --target="crypt" >"$AUTOPKGTEST_TMP/table"
+if [ -s "$AUTOPKGTEST_TMP/table" ]; then
+ echo "ERROR: leftover crypt devices" >&2
+ cat <"$AUTOPKGTEST_TMP/table"
+ exit 1
+fi
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 23:00:35 +0000