Toshaan Bharvani
3 years ago
commit
59cf00642d
13 changed files with 6475 additions and 0 deletions
@ -0,0 +1,27 @@
@@ -0,0 +1,27 @@
|
||||
From 2da13152619ee7233650339797657b45088b2219 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 18 Aug 2020 09:44:29 +0200 |
||||
Subject: [PATCH] dm: Fix comparing DM RAID member devices UUID |
||||
|
||||
There is no "UUID" property in UDev we must use the "ID_FS_UUID" |
||||
one. |
||||
This comparison works only because most DM RAID members don't have |
||||
UUID so the check is skipped, but it fails for DDF RAID members |
||||
which have a special GUID/UUID in UDev database. |
||||
--- |
||||
src/plugins/dm.c | 2 +- |
||||
1 file changed, 1 insertion(+), 1 deletion(-) |
||||
|
||||
diff --git a/src/plugins/dm.c b/src/plugins/dm.c |
||||
index a6412028..4ab0d2a4 100644 |
||||
--- a/src/plugins/dm.c |
||||
+++ b/src/plugins/dm.c |
||||
@@ -482,7 +482,7 @@ static gboolean raid_dev_matches_spec (struct raid_dev *raid_dev, const gchar *n |
||||
|
||||
context = udev_new (); |
||||
device = udev_device_new_from_subsystem_sysname (context, "block", dev_name); |
||||
- dev_uuid = udev_device_get_property_value (device, "UUID"); |
||||
+ dev_uuid = udev_device_get_property_value (device, "ID_FS_UUID"); |
||||
major_str = udev_device_get_property_value (device, "MAJOR"); |
||||
minor_str = udev_device_get_property_value (device, "MINOR"); |
||||
|
@ -0,0 +1,97 @@
@@ -0,0 +1,97 @@
|
||||
From 5d29bc014a33d9bdc1c5fb4b8add2f38850f46a8 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 24 Feb 2021 14:44:03 +0100 |
||||
Subject: [PATCH] crypto: Fix default key size for non XTS ciphers |
||||
|
||||
512 bits should be default only for AES-XTS which needs two keys, |
||||
default for other modes must be 256 bits. |
||||
|
||||
resolves: rhbz#1931847 |
||||
--- |
||||
src/plugins/crypto.c | 11 +++++++++-- |
||||
src/plugins/crypto.h | 2 +- |
||||
tests/crypto_test.py | 36 ++++++++++++++++++++++++++++++++++++ |
||||
3 files changed, 46 insertions(+), 3 deletions(-) |
||||
|
||||
diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c |
||||
index f4a2e8f0..1e7043fa 100644 |
||||
--- a/src/plugins/crypto.c |
||||
+++ b/src/plugins/crypto.c |
||||
@@ -774,8 +774,15 @@ static gboolean luks_format (const gchar *device, const gchar *cipher, guint64 k |
||||
return FALSE; |
||||
} |
||||
|
||||
- /* resolve requested/default key_size (should be in bytes) */ |
||||
- key_size = (key_size != 0) ? (key_size / 8) : (DEFAULT_LUKS_KEYSIZE_BITS / 8); |
||||
+ if (key_size == 0) { |
||||
+ if (g_str_has_prefix (cipher_specs[1], "xts-")) |
||||
+ key_size = DEFAULT_LUKS_KEYSIZE_BITS * 2; |
||||
+ else |
||||
+ key_size = DEFAULT_LUKS_KEYSIZE_BITS; |
||||
+ } |
||||
+ |
||||
+ /* key_size should be in bytes */ |
||||
+ key_size = key_size / 8; |
||||
|
||||
/* wait for enough random data entropy (if requested) */ |
||||
if (min_entropy > 0) { |
||||
diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h |
||||
index 71a1438d..a38724d9 100644 |
||||
--- a/src/plugins/crypto.h |
||||
+++ b/src/plugins/crypto.h |
||||
@@ -36,7 +36,7 @@ typedef enum { |
||||
/* 20 chars * 6 bits per char (64-item charset) = 120 "bits of security" */ |
||||
#define BD_CRYPTO_BACKUP_PASSPHRASE_LENGTH 20 |
||||
|
||||
-#define DEFAULT_LUKS_KEYSIZE_BITS 512 |
||||
+#define DEFAULT_LUKS_KEYSIZE_BITS 256 |
||||
#define DEFAULT_LUKS_CIPHER "aes-xts-plain64" |
||||
#define DEFAULT_LUKS2_SECTOR_SIZE 512 |
||||
|
||||
diff --git a/tests/crypto_test.py b/tests/crypto_test.py |
||||
index 0609a070..0aecc032 100644 |
||||
--- a/tests/crypto_test.py |
||||
+++ b/tests/crypto_test.py |
||||
@@ -236,6 +236,42 @@ def test_luks2_format(self): |
||||
self.fail("Failed to get pbkdf information from:\n%s %s" % (out, err)) |
||||
self.assertEqual(int(m.group(1)), 5) |
||||
|
||||
+ def _get_luks1_key_size(self, device): |
||||
+ _ret, out, err = run_command("cryptsetup luksDump %s" % device) |
||||
+ m = re.search(r"MK bits:\s*(\S+)\s*", out) |
||||
+ if not m or len(m.groups()) != 1: |
||||
+ self.fail("Failed to get key size information from:\n%s %s" % (out, err)) |
||||
+ key_size = m.group(1) |
||||
+ if not key_size.isnumeric(): |
||||
+ self.fail("Failed to get key size information from: %s" % key_size) |
||||
+ return int(key_size) |
||||
+ |
||||
+ @tag_test(TestTags.SLOW, TestTags.CORE) |
||||
+ def test_luks_format_key_size(self): |
||||
+ """Verify that formating device as LUKS works""" |
||||
+ |
||||
+ # aes-xts: key size should default to 512 |
||||
+ succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 0, PASSWD, None, 0) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ key_size = self._get_luks1_key_size(self.loop_dev) |
||||
+ self.assertEqual(key_size, 512) |
||||
+ |
||||
+ # aes-cbc: key size should default to 256 |
||||
+ succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-cbc-essiv:sha256", 0, PASSWD, None, 0) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ key_size = self._get_luks1_key_size(self.loop_dev) |
||||
+ self.assertEqual(key_size, 256) |
||||
+ |
||||
+ # try specifying key size for aes-xts |
||||
+ succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 256, PASSWD, None, 0) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ key_size = self._get_luks1_key_size(self.loop_dev) |
||||
+ self.assertEqual(key_size, 256) |
||||
+ |
||||
+ |
||||
class CryptoTestResize(CryptoTestCase): |
||||
|
||||
def _get_key_location(self, device): |
@ -0,0 +1,178 @@
@@ -0,0 +1,178 @@
|
||||
From 98cb3b9cf2046ba6e33db6ff400449c6a4827932 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Thu, 29 Apr 2021 12:38:49 +0200 |
||||
Subject: [PATCH 1/8] kbd: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/kbd.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/kbd.c b/src/plugins/kbd.c |
||||
index a2908ecb..d5ae0ed7 100644 |
||||
--- a/src/plugins/kbd.c |
||||
+++ b/src/plugins/kbd.c |
||||
@@ -1035,6 +1035,7 @@ gboolean bd_kbd_bcache_destroy (const gchar *bcache_device, GError **error) { |
||||
|
||||
if (c_set_uuid) { |
||||
path = g_strdup_printf ("/sys/fs/bcache/%s/stop", c_set_uuid); |
||||
+ g_free (c_set_uuid); |
||||
success = bd_utils_echo_str_to_file ("1", path, error); |
||||
g_free (path); |
||||
if (!success) { |
||||
|
||||
From c6d226c70996f6006a3f6eff13f8264f03e95c4f Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:22:58 +0200 |
||||
Subject: [PATCH 2/8] crypto: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/crypto.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c |
||||
index 1e7043fa..4fad9a85 100644 |
||||
--- a/src/plugins/crypto.c |
||||
+++ b/src/plugins/crypto.c |
||||
@@ -1275,6 +1275,7 @@ gboolean bd_crypto_luks_add_key (const gchar *device, const gchar *pass, const g |
||||
success = g_file_get_contents (nkey_file, &nkey_buf, &nbuf_len, error); |
||||
if (!success) { |
||||
g_prefix_error (error, "Failed to load key from file '%s': ", nkey_file); |
||||
+ g_free (key_buf); |
||||
return FALSE; |
||||
} |
||||
} else |
||||
|
||||
From 41b460fb81cf066e7ddc0bdda7f34db5e90b9f79 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:23:24 +0200 |
||||
Subject: [PATCH 3/8] dm: Fix memory leak in the DM plugin and DM logging |
||||
redirect function |
||||
|
||||
--- |
||||
src/plugins/dm.c | 3 ++- |
||||
1 file changed, 2 insertions(+), 1 deletion(-) |
||||
|
||||
diff --git a/src/plugins/dm.c b/src/plugins/dm.c |
||||
index fb4e50b5..c9a735ed 100644 |
||||
--- a/src/plugins/dm.c |
||||
+++ b/src/plugins/dm.c |
||||
@@ -245,7 +245,8 @@ gchar* bd_dm_name_from_node (const gchar *dm_node, GError **error) { |
||||
g_free (sys_path); |
||||
|
||||
if (!success) { |
||||
- /* errror is already populated */ |
||||
+ /* error is already populated */ |
||||
+ g_free (ret); |
||||
return NULL; |
||||
} |
||||
|
||||
|
||||
From 8d085fbb15c18ca91a5eff89192391c5a0b3bb7a Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:24:14 +0200 |
||||
Subject: [PATCH 4/8] fs: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/fs/mount.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/fs/mount.c b/src/plugins/fs/mount.c |
||||
index 43d64e8c..46e03ca4 100644 |
||||
--- a/src/plugins/fs/mount.c |
||||
+++ b/src/plugins/fs/mount.c |
||||
@@ -541,6 +541,7 @@ static gboolean run_as_user (MountFunc func, MountArgs *args, uid_t run_as_uid, |
||||
"Unknoen error while reading error."); |
||||
g_io_channel_unref (channel); |
||||
close (pipefd[0]); |
||||
+ g_free (error_msg); |
||||
return FALSE; |
||||
} |
||||
|
||||
|
||||
From 6c45f4ef1fc898d71cc2f13670adb508a6037c66 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:26:24 +0200 |
||||
Subject: [PATCH 5/8] kbd: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/kbd.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/kbd.c b/src/plugins/kbd.c |
||||
index d5ae0ed7..ff8bde17 100644 |
||||
--- a/src/plugins/kbd.c |
||||
+++ b/src/plugins/kbd.c |
||||
@@ -1255,6 +1255,7 @@ static gboolean get_cache_size_used (const gchar *cache_dev_sys, guint64 *size, |
||||
g_io_channel_unref (file); |
||||
|
||||
if (!found) { |
||||
+ g_free (line); |
||||
g_set_error (error, BD_KBD_ERROR, BD_KBD_ERROR_BCACHE_INVAL, |
||||
"Failed to get cache usage data"); |
||||
return FALSE; |
||||
|
||||
From 4f4e93dfca36421eb0e0cb2dec5d48df5bc2f363 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:26:37 +0200 |
||||
Subject: [PATCH 6/8] lvm-dbus: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/lvm-dbus.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/lvm-dbus.c b/src/plugins/lvm-dbus.c |
||||
index b7b4480e..144551f5 100644 |
||||
--- a/src/plugins/lvm-dbus.c |
||||
+++ b/src/plugins/lvm-dbus.c |
||||
@@ -2927,6 +2927,7 @@ gboolean bd_lvm_cache_detach (const gchar *vg_name, const gchar *cached_lv, gboo |
||||
lv_id = g_strdup_printf ("%s/%s", vg_name, cached_lv); |
||||
call_lvm_obj_method_sync (lv_id, CACHED_LV_INTF, "DetachCachePool", params, NULL, extra, TRUE, error); |
||||
g_free (lv_id); |
||||
+ g_free (cache_pool_name); |
||||
return ((*error) == NULL); |
||||
} |
||||
|
||||
|
||||
From 410a10bc2cfceeb550d72456573d4722b4207ddc Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:27:22 +0200 |
||||
Subject: [PATCH 7/8] mdraid: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/mdraid.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/mdraid.c b/src/plugins/mdraid.c |
||||
index 74af744c..b97bc641 100644 |
||||
--- a/src/plugins/mdraid.c |
||||
+++ b/src/plugins/mdraid.c |
||||
@@ -1332,6 +1332,7 @@ gchar* bd_md_name_from_node (const gchar *node, GError **error) { |
||||
continue; |
||||
} |
||||
node_name = g_path_get_basename (dev_path); |
||||
+ g_free (dev_path); |
||||
if (g_strcmp0 (node_name, node) == 0) { |
||||
found = TRUE; |
||||
name = g_path_get_basename (*path_p); |
||||
|
||||
From 0d49e5d190e24fa89ae2795714d0276f24285b19 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Fri, 25 Sep 2020 14:27:54 +0200 |
||||
Subject: [PATCH 8/8] swap: Fix memory leak |
||||
|
||||
--- |
||||
src/plugins/swap.c | 1 + |
||||
1 file changed, 1 insertion(+) |
||||
|
||||
diff --git a/src/plugins/swap.c b/src/plugins/swap.c |
||||
index 102780a7..115f8fca 100644 |
||||
--- a/src/plugins/swap.c |
||||
+++ b/src/plugins/swap.c |
||||
@@ -417,6 +417,7 @@ gboolean bd_swap_swapstatus (const gchar *device, GError **error) { |
||||
if (!real_device) { |
||||
/* the device doesn't exist and thus is not an active swap */ |
||||
g_clear_error (error); |
||||
+ g_free (file_content); |
||||
return FALSE; |
||||
} |
||||
} |
@ -0,0 +1,296 @@
@@ -0,0 +1,296 @@
|
||||
From cc522ec3717d909370af6181c7859c62fa0167df Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Mon, 22 Feb 2021 15:40:56 +0100 |
||||
Subject: [PATCH 1/2] fs: Allow using empty label for vfat with newest |
||||
dosfstools |
||||
|
||||
--- |
||||
src/plugins/fs/vfat.c | 11 +++++++++++ |
||||
1 file changed, 11 insertions(+) |
||||
|
||||
diff --git a/src/plugins/fs/vfat.c b/src/plugins/fs/vfat.c |
||||
index ff0c35a3..ce13f147 100644 |
||||
--- a/src/plugins/fs/vfat.c |
||||
+++ b/src/plugins/fs/vfat.c |
||||
@@ -232,10 +232,21 @@ gboolean bd_fs_vfat_repair (const gchar *device, const BDExtraArg **extra, GErro |
||||
*/ |
||||
gboolean bd_fs_vfat_set_label (const gchar *device, const gchar *label, GError **error) { |
||||
const gchar *args[4] = {"fatlabel", device, label, NULL}; |
||||
+ UtilDep dep = {"fatlabel", "4.2", "--version", "fatlabel\\s+([\\d\\.]+).+"}; |
||||
+ gboolean new_vfat = FALSE; |
||||
|
||||
if (!check_deps (&avail_deps, DEPS_FATLABEL_MASK, deps, DEPS_LAST, &deps_check_lock, error)) |
||||
return FALSE; |
||||
|
||||
+ if (!label || g_strcmp0 (label, "") == 0) { |
||||
+ /* fatlabel >= 4.2 refuses to set empty label */ |
||||
+ new_vfat = bd_utils_check_util_version (dep.name, dep.version, |
||||
+ dep.ver_arg, dep.ver_regexp, |
||||
+ NULL); |
||||
+ if (new_vfat) |
||||
+ args[2] = "--reset"; |
||||
+ } |
||||
+ |
||||
return bd_utils_exec_and_report_error (args, NULL, error); |
||||
} |
||||
|
||||
|
||||
From c3c3583409c8ed8f99a840e0c70cc92ca1dd3c93 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 27 Apr 2021 14:06:59 +0200 |
||||
Subject: [PATCH 2/2] tests: Call fs_vfat_mkfs with "--mbr=n" extra option in |
||||
tests |
||||
|
||||
Without the option the newest dosfstools 4.2 will create a valid |
||||
MBR partition table with a simgle partition on the disk, see |
||||
dosfstools/dosfstools#95 for details. |
||||
--- |
||||
src/plugins/fs/vfat.c | 5 ++- |
||||
tests/fs_test.py | 76 +++++++++++++++++++++++++++++++++---------- |
||||
2 files changed, 62 insertions(+), 19 deletions(-) |
||||
|
||||
diff --git a/src/plugins/fs/vfat.c b/src/plugins/fs/vfat.c |
||||
index ce13f147..6cb82537 100644 |
||||
--- a/src/plugins/fs/vfat.c |
||||
+++ b/src/plugins/fs/vfat.c |
||||
@@ -234,6 +234,7 @@ gboolean bd_fs_vfat_set_label (const gchar *device, const gchar *label, GError * |
||||
const gchar *args[4] = {"fatlabel", device, label, NULL}; |
||||
UtilDep dep = {"fatlabel", "4.2", "--version", "fatlabel\\s+([\\d\\.]+).+"}; |
||||
gboolean new_vfat = FALSE; |
||||
+ GError *loc_error = NULL; |
||||
|
||||
if (!check_deps (&avail_deps, DEPS_FATLABEL_MASK, deps, DEPS_LAST, &deps_check_lock, error)) |
||||
return FALSE; |
||||
@@ -242,9 +243,11 @@ gboolean bd_fs_vfat_set_label (const gchar *device, const gchar *label, GError * |
||||
/* fatlabel >= 4.2 refuses to set empty label */ |
||||
new_vfat = bd_utils_check_util_version (dep.name, dep.version, |
||||
dep.ver_arg, dep.ver_regexp, |
||||
- NULL); |
||||
+ &loc_error); |
||||
if (new_vfat) |
||||
args[2] = "--reset"; |
||||
+ else |
||||
+ g_clear_error (&loc_error); |
||||
} |
||||
|
||||
return bd_utils_exec_and_report_error (args, NULL, error); |
||||
diff --git a/tests/fs_test.py b/tests/fs_test.py |
||||
index 239cb47c..2233db4f 100644 |
||||
--- a/tests/fs_test.py |
||||
+++ b/tests/fs_test.py |
||||
@@ -5,10 +5,13 @@ |
||||
import tempfile |
||||
from contextlib import contextmanager |
||||
import utils |
||||
-from utils import run, create_sparse_tempfile, mount, umount, TestTags, tag_test |
||||
+from utils import run, create_sparse_tempfile, mount, umount, TestTags, tag_test, run_command |
||||
+import re |
||||
import six |
||||
import overrides_hack |
||||
|
||||
+from distutils.version import LooseVersion |
||||
+ |
||||
from gi.repository import BlockDev, GLib |
||||
|
||||
|
||||
@@ -29,9 +32,20 @@ def mounted(device, where, ro=False): |
||||
yield |
||||
umount(where) |
||||
|
||||
+ |
||||
+def _get_dosfstools_version(): |
||||
+ _ret, out, _err = run_command("mkfs.vfat --help") |
||||
+ # mkfs.fat 4.1 (2017-01-24) |
||||
+ m = re.search(r"mkfs\.fat ([\d\.]+)", out) |
||||
+ if not m or len(m.groups()) != 1: |
||||
+ raise RuntimeError("Failed to determine dosfstools version from: %s" % out) |
||||
+ return LooseVersion(m.groups()[0]) |
||||
+ |
||||
+ |
||||
class FSTestCase(unittest.TestCase): |
||||
|
||||
requested_plugins = BlockDev.plugin_specs_from_names(("fs", "loop")) |
||||
+ _vfat_version = _get_dosfstools_version() |
||||
|
||||
@classmethod |
||||
def setUpClass(cls): |
||||
@@ -66,6 +80,11 @@ def setUp(self): |
||||
|
||||
self.mount_dir = tempfile.mkdtemp(prefix="libblockdev.", suffix="ext4_test") |
||||
|
||||
+ if self._vfat_version <= LooseVersion("4.1"): |
||||
+ self._mkfs_options = None |
||||
+ else: |
||||
+ self._mkfs_options = [BlockDev.ExtraArg.new("--mbr=n", "")] |
||||
+ |
||||
def _clean_up(self): |
||||
try: |
||||
utils.delete_lio_device(self.loop_dev) |
||||
@@ -120,7 +139,10 @@ def test_generic_wipe(self): |
||||
|
||||
# vfat has multiple signatures on the device so it allows us to test the |
||||
# 'all' argument of fs_wipe() |
||||
- ret = run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
+ if self._vfat_version >= LooseVersion("4.2"): |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1 --mbr=n" % self.loop_dev) |
||||
+ else: |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
self.assertEqual(ret, 0) |
||||
|
||||
time.sleep(0.5) |
||||
@@ -142,7 +164,10 @@ def test_generic_wipe(self): |
||||
self.assertEqual(fs_type, b"") |
||||
|
||||
# now do the wipe all in a one step |
||||
- ret = run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
+ if self._vfat_version >= LooseVersion("4.2"): |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1 --mbr=n" % self.loop_dev) |
||||
+ else: |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
self.assertEqual(ret, 0) |
||||
|
||||
succ = BlockDev.fs_wipe(self.loop_dev, True) |
||||
@@ -197,7 +222,10 @@ def test_clean(self): |
||||
|
||||
# vfat has multiple signatures on the device so it allows us to test |
||||
# that clean removes all signatures |
||||
- ret = run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
+ if self._vfat_version >= LooseVersion("4.2"): |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1 --mbr=n" % self.loop_dev) |
||||
+ else: |
||||
+ ret = utils.run("mkfs.vfat -I %s >/dev/null 2>&1" % self.loop_dev) |
||||
self.assertEqual(ret, 0) |
||||
|
||||
time.sleep(0.5) |
||||
@@ -744,9 +772,9 @@ def test_vfat_mkfs(self): |
||||
"""Verify that it is possible to create a new vfat file system""" |
||||
|
||||
with self.assertRaises(GLib.GError): |
||||
- BlockDev.fs_vfat_mkfs("/non/existing/device", None) |
||||
+ BlockDev.fs_vfat_mkfs("/non/existing/device", self._mkfs_options) |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
# just try if we can mount the file system |
||||
@@ -764,7 +792,10 @@ def test_vfat_mkfs_with_label(self): |
||||
"""Verify that it is possible to create an vfat file system with label""" |
||||
|
||||
ea = BlockDev.ExtraArg.new("-n", "TEST_LABEL") |
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, [ea]) |
||||
+ if self._mkfs_options: |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, [ea] + self._mkfs_options) |
||||
+ else: |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, [ea]) |
||||
self.assertTrue(succ) |
||||
|
||||
fi = BlockDev.fs_vfat_get_info(self.loop_dev) |
||||
@@ -775,7 +806,7 @@ class VfatTestWipe(FSTestCase): |
||||
def test_vfat_wipe(self): |
||||
"""Verify that it is possible to wipe an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
succ = BlockDev.fs_vfat_wipe(self.loop_dev) |
||||
@@ -805,7 +836,7 @@ class VfatTestCheck(FSTestCase): |
||||
def test_vfat_check(self): |
||||
"""Verify that it is possible to check an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
succ = BlockDev.fs_vfat_check(self.loop_dev, None) |
||||
@@ -818,7 +849,7 @@ class VfatTestRepair(FSTestCase): |
||||
def test_vfat_repair(self): |
||||
"""Verify that it is possible to repair an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
succ = BlockDev.fs_vfat_repair(self.loop_dev, None) |
||||
@@ -828,7 +859,7 @@ class VfatGetInfo(FSTestCase): |
||||
def test_vfat_get_info(self): |
||||
"""Verify that it is possible to get info about an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
fi = BlockDev.fs_vfat_get_info(self.loop_dev) |
||||
@@ -841,7 +872,7 @@ class VfatSetLabel(FSTestCase): |
||||
def test_vfat_set_label(self): |
||||
"""Verify that it is possible to set label of an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
fi = BlockDev.fs_vfat_get_info(self.loop_dev) |
||||
@@ -870,7 +901,7 @@ class VfatResize(FSTestCase): |
||||
def test_vfat_resize(self): |
||||
"""Verify that it is possible to resize an vfat file system""" |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
# shrink |
||||
@@ -999,7 +1030,7 @@ def _remove_user(self): |
||||
def test_mount(self): |
||||
""" Test basic mounting and unmounting """ |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
tmp = tempfile.mkdtemp(prefix="libblockdev.", suffix="mount_test") |
||||
@@ -1104,7 +1135,7 @@ def test_mount_fstab(self): |
||||
fstab = utils.read_file("/etc/fstab") |
||||
self.addCleanup(utils.write_file, "/etc/fstab", fstab) |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
tmp = tempfile.mkdtemp(prefix="libblockdev.", suffix="mount_fstab_test") |
||||
@@ -1139,7 +1170,7 @@ def test_mount_fstab_user(self): |
||||
fstab = utils.read_file("/etc/fstab") |
||||
self.addCleanup(utils.write_file, "/etc/fstab", fstab) |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
tmp = tempfile.mkdtemp(prefix="libblockdev.", suffix="mount_fstab_user_test") |
||||
@@ -1423,7 +1454,16 @@ def expected_size(fi): |
||||
@tag_test(TestTags.UNSTABLE) |
||||
def test_vfat_generic_resize(self): |
||||
"""Test generic resize function with a vfat file system""" |
||||
- self._test_generic_resize(mkfs_function=BlockDev.fs_vfat_mkfs) |
||||
+ def mkfs_vfat(device, options=None): |
||||
+ if self._vfat_version >= LooseVersion("4.2"): |
||||
+ if options: |
||||
+ return BlockDev.fs_vfat_mkfs(device, options + [BlockDev.ExtraArg.new("--mbr=n", "")]) |
||||
+ else: |
||||
+ return BlockDev.fs_vfat_mkfs(device, [BlockDev.ExtraArg.new("--mbr=n", "")]) |
||||
+ else: |
||||
+ return BlockDev.fs_vfat_mkfs(device, options) |
||||
+ |
||||
+ self._test_generic_resize(mkfs_function=mkfs_vfat) |
||||
|
||||
def _destroy_lvm(self): |
||||
run("vgremove --yes libbd_fs_tests >/dev/null 2>&1") |
||||
@@ -1539,7 +1579,7 @@ def test_freeze_xfs(self): |
||||
def test_freeze_vfat(self): |
||||
""" Test basic freezing and un-freezing with FAT """ |
||||
|
||||
- succ = BlockDev.fs_vfat_mkfs(self.loop_dev, None) |
||||
+ succ = BlockDev.fs_vfat_mkfs(self.loop_dev, self._mkfs_options) |
||||
self.assertTrue(succ) |
||||
|
||||
tmp = tempfile.mkdtemp(prefix="libblockdev.", suffix="freeze_test") |
@ -0,0 +1,157 @@
@@ -0,0 +1,157 @@
|
||||
From 7c31cc534f96766dd2e3427b09d0affca66b0745 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 23 Mar 2021 13:54:02 +0100 |
||||
Subject: [PATCH 1/3] tests: Do not try to remove VG before removing the VDO |
||||
pool |
||||
|
||||
--- |
||||
tests/lvm_dbus_tests.py | 6 +++--- |
||||
tests/lvm_test.py | 6 +++--- |
||||
2 files changed, 6 insertions(+), 6 deletions(-) |
||||
|
||||
diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py |
||||
index 8f2bb95d..b599fdd0 100644 |
||||
--- a/tests/lvm_dbus_tests.py |
||||
+++ b/tests/lvm_dbus_tests.py |
||||
@@ -1517,14 +1517,14 @@ def setUp(self): |
||||
self.assertTrue(succ) |
||||
|
||||
def _clean_up(self): |
||||
- BlockDev.lvm_vgremove("testVDOVG") |
||||
- BlockDev.lvm_pvremove(self.loop_dev) |
||||
- |
||||
try: |
||||
BlockDev.lvm_lvremove("testVDOVG", "vdoPool", True, None) |
||||
except: |
||||
pass |
||||
|
||||
+ BlockDev.lvm_vgremove("testVDOVG") |
||||
+ BlockDev.lvm_pvremove(self.loop_dev) |
||||
+ |
||||
try: |
||||
delete_lio_device(self.loop_dev) |
||||
except RuntimeError: |
||||
diff --git a/tests/lvm_test.py b/tests/lvm_test.py |
||||
index 6f80a3ba..6c04faf9 100644 |
||||
--- a/tests/lvm_test.py |
||||
+++ b/tests/lvm_test.py |
||||
@@ -1437,14 +1437,14 @@ def setUp(self): |
||||
self.assertTrue(succ) |
||||
|
||||
def _clean_up(self): |
||||
- BlockDev.lvm_vgremove("testVDOVG") |
||||
- BlockDev.lvm_pvremove(self.loop_dev) |
||||
- |
||||
try: |
||||
BlockDev.lvm_lvremove("testVDOVG", "vdoPool", True, None) |
||||
except: |
||||
pass |
||||
|
||||
+ BlockDev.lvm_vgremove("testVDOVG") |
||||
+ BlockDev.lvm_pvremove(self.loop_dev) |
||||
+ |
||||
try: |
||||
delete_lio_device(self.loop_dev) |
||||
except RuntimeError: |
||||
|
||||
From 41b9d745b8c1a33221e15683f390bae180d1e960 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 23 Mar 2021 13:59:24 +0100 |
||||
Subject: [PATCH 2/3] tests: Force remove LVM VG /dev/ entry not removed by |
||||
vgremove |
||||
|
||||
The directory is sometimes not removed. This is a known bug that |
||||
causes subsequent test cases to fail. |
||||
--- |
||||
tests/lvm_dbus_tests.py | 6 ++++++ |
||||
tests/lvm_test.py | 6 ++++++ |
||||
2 files changed, 12 insertions(+) |
||||
|
||||
diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py |
||||
index b599fdd0..3278716e 100644 |
||||
--- a/tests/lvm_dbus_tests.py |
||||
+++ b/tests/lvm_dbus_tests.py |
||||
@@ -399,6 +399,9 @@ def _clean_up(self): |
||||
except: |
||||
pass |
||||
|
||||
+ # XXX remove lingering /dev entries |
||||
+ shutil.rmtree("/dev/testVG", ignore_errors=True) |
||||
+ |
||||
LvmPVonlyTestCase._clean_up(self) |
||||
|
||||
@unittest.skipUnless(lvm_dbus_running, "LVM DBus not running") |
||||
@@ -1525,6 +1528,9 @@ def _clean_up(self): |
||||
BlockDev.lvm_vgremove("testVDOVG") |
||||
BlockDev.lvm_pvremove(self.loop_dev) |
||||
|
||||
+ # XXX remove lingering /dev entries |
||||
+ shutil.rmtree("/dev/testVDOVG", ignore_errors=True) |
||||
+ |
||||
try: |
||||
delete_lio_device(self.loop_dev) |
||||
except RuntimeError: |
||||
diff --git a/tests/lvm_test.py b/tests/lvm_test.py |
||||
index 6c04faf9..d7e1f84c 100644 |
||||
--- a/tests/lvm_test.py |
||||
+++ b/tests/lvm_test.py |
||||
@@ -378,6 +378,9 @@ def _clean_up(self): |
||||
except: |
||||
pass |
||||
|
||||
+ # XXX remove lingering /dev entries |
||||
+ shutil.rmtree("/dev/testVG", ignore_errors=True) |
||||
+ |
||||
LvmPVonlyTestCase._clean_up(self) |
||||
|
||||
class LvmTestVGcreateRemove(LvmPVVGTestCase): |
||||
@@ -1445,6 +1448,9 @@ def _clean_up(self): |
||||
BlockDev.lvm_vgremove("testVDOVG") |
||||
BlockDev.lvm_pvremove(self.loop_dev) |
||||
|
||||
+ # XXX remove lingering /dev entries |
||||
+ shutil.rmtree("/dev/testVDOVG", ignore_errors=True) |
||||
+ |
||||
try: |
||||
delete_lio_device(self.loop_dev) |
||||
except RuntimeError: |
||||
|
||||
From 4ecf0075cedf3a1d275d34b94ce5bb512c4e970e Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 23 Mar 2021 14:03:44 +0100 |
||||
Subject: [PATCH 3/3] tests: Tag LvmPVVGLVcachePoolCreateRemoveTestCase as |
||||
unstable |
||||
|
||||
LVM randomly fails to activate the newly created metadata LV. |
||||
Issue is reported to LVM and not yet fixed. |
||||
--- |
||||
tests/lvm_dbus_tests.py | 2 +- |
||||
tests/lvm_test.py | 2 +- |
||||
2 files changed, 2 insertions(+), 2 deletions(-) |
||||
|
||||
diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py |
||||
index 3278716e..4882da88 100644 |
||||
--- a/tests/lvm_dbus_tests.py |
||||
+++ b/tests/lvm_dbus_tests.py |
||||
@@ -1213,7 +1213,7 @@ def _clean_up(self): |
||||
|
||||
@unittest.skipUnless(lvm_dbus_running, "LVM DBus not running") |
||||
class LvmPVVGLVcachePoolCreateRemoveTestCase(LvmPVVGLVcachePoolTestCase): |
||||
- @tag_test(TestTags.SLOW) |
||||
+ @tag_test(TestTags.SLOW, TestTags.UNSTABLE) |
||||
def test_cache_pool_create_remove(self): |
||||
"""Verify that is it possible to create and remove a cache pool""" |
||||
|
||||
diff --git a/tests/lvm_test.py b/tests/lvm_test.py |
||||
index d7e1f84c..eb94c917 100644 |
||||
--- a/tests/lvm_test.py |
||||
+++ b/tests/lvm_test.py |
||||
@@ -1129,7 +1129,7 @@ def _clean_up(self): |
||||
LvmPVVGLVTestCase._clean_up(self) |
||||
|
||||
class LvmPVVGLVcachePoolCreateRemoveTestCase(LvmPVVGLVcachePoolTestCase): |
||||
- @tag_test(TestTags.SLOW) |
||||
+ @tag_test(TestTags.SLOW, TestTags.UNSTABLE) |
||||
def test_cache_pool_create_remove(self): |
||||
"""Verify that is it possible to create and remove a cache pool""" |
||||
|
@ -0,0 +1,144 @@
@@ -0,0 +1,144 @@
|
||||
From 77b8d17b0baf96a7a552fb8963afdbe8c3b18da7 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 2 Jun 2021 12:53:24 +0200 |
||||
Subject: [PATCH 1/4] tests: Make sure the test temp mount is always unmounted |
||||
|
||||
With try-finally the unmount function will always run even if the |
||||
test case fails. |
||||
--- |
||||
tests/fs_test.py | 6 ++++-- |
||||
1 file changed, 4 insertions(+), 2 deletions(-) |
||||
|
||||
diff --git a/tests/fs_test.py b/tests/fs_test.py |
||||
index 2233db4f..de685b5f 100644 |
||||
--- a/tests/fs_test.py |
||||
+++ b/tests/fs_test.py |
||||
@@ -29,8 +29,10 @@ def check_output(args, ignore_retcode=True): |
||||
@contextmanager |
||||
def mounted(device, where, ro=False): |
||||
mount(device, where, ro) |
||||
- yield |
||||
- umount(where) |
||||
+ try: |
||||
+ yield |
||||
+ finally: |
||||
+ utils.umount(where) |
||||
|
||||
|
||||
def _get_dosfstools_version(): |
||||
|
||||
From aa802b6a2c9038069cfea7f821333367840a43ca Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 2 Jun 2021 13:05:17 +0200 |
||||
Subject: [PATCH 2/4] tests: Do not check that XFS shrink fails with xfsprogs |
||||
>= 5.12 |
||||
|
||||
xfsprogs 5.12 now has experimental support for shrinking, we need |
||||
more changes to support it properly so just skip this check for |
||||
now. |
||||
--- |
||||
tests/fs_test.py | 24 ++++++++++++++++++------ |
||||
1 file changed, 18 insertions(+), 6 deletions(-) |
||||
|
||||
diff --git a/tests/fs_test.py b/tests/fs_test.py |
||||
index de685b5f..551b6a7b 100644 |
||||
--- a/tests/fs_test.py |
||||
+++ b/tests/fs_test.py |
||||
@@ -44,6 +44,14 @@ def _get_dosfstools_version(): |
||||
return LooseVersion(m.groups()[0]) |
||||
|
||||
|
||||
+def _get_xfs_version(): |
||||
+ _ret, out, _err = utils.run_command("mkfs.xfs -V") |
||||
+ m = re.search(r"mkfs\.xfs version ([\d\.]+)", out) |
||||
+ if not m or len(m.groups()) != 1: |
||||
+ raise RuntimeError("Failed to determine xfsprogs version from: %s" % out) |
||||
+ return LooseVersion(m.groups()[0]) |
||||
+ |
||||
+ |
||||
class FSTestCase(unittest.TestCase): |
||||
|
||||
requested_plugins = BlockDev.plugin_specs_from_names(("fs", "loop")) |
||||
@@ -736,9 +744,11 @@ def test_xfs_resize(self): |
||||
self.assertEqual(fi.block_size * fi.block_count, 50 * 1024**2) |
||||
|
||||
# (still) impossible to shrink an XFS file system |
||||
- with mounted(lv, self.mount_dir): |
||||
- with self.assertRaises(GLib.GError): |
||||
- succ = BlockDev.fs_xfs_resize(self.mount_dir, 40 * 1024**2 / fi.block_size, None) |
||||
+ xfs_version = _get_xfs_version() |
||||
+ if xfs_version < LooseVersion("5.1.12"): |
||||
+ with mounted(lv, self.mount_dir): |
||||
+ with self.assertRaises(GLib.GError): |
||||
+ succ = BlockDev.fs_resize(lv, 40 * 1024**2) |
||||
|
||||
run("lvresize -L70M libbd_fs_tests/xfs_test >/dev/null 2>&1") |
||||
# should grow |
||||
@@ -1503,9 +1513,11 @@ def test_xfs_generic_resize(self): |
||||
self.assertEqual(fi.block_size * fi.block_count, 50 * 1024**2) |
||||
|
||||
# (still) impossible to shrink an XFS file system |
||||
- with mounted(lv, self.mount_dir): |
||||
- with self.assertRaises(GLib.GError): |
||||
- succ = BlockDev.fs_resize(lv, 40 * 1024**2) |
||||
+ xfs_version = _get_xfs_version() |
||||
+ if xfs_version < LooseVersion("5.1.12"): |
||||
+ with mounted(lv, self.mount_dir): |
||||
+ with self.assertRaises(GLib.GError): |
||||
+ succ = BlockDev.fs_resize(lv, 40 * 1024**2) |
||||
|
||||
run("lvresize -L70M libbd_fs_tests/xfs_test >/dev/null 2>&1") |
||||
# should grow |
||||
|
||||
From ca01b6021cce3ea6a2318e74de408757f933d947 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 2 Jun 2021 13:06:41 +0200 |
||||
Subject: [PATCH 3/4] tests: Temporarily skip |
||||
test_snapshotcreate_lvorigin_snapshotmerge |
||||
|
||||
With LVM DBus API the lvconvert job is never finished which means |
||||
the test run never finishes in our CI. |
||||
--- |
||||
tests/skip.yml | 6 ++++++ |
||||
1 file changed, 6 insertions(+) |
||||
|
||||
diff --git a/tests/skip.yml b/tests/skip.yml |
||||
index 145d321d..e22e712d 100644 |
||||
--- a/tests/skip.yml |
||||
+++ b/tests/skip.yml |
||||
@@ -137,3 +137,9 @@ |
||||
- distro: "fedora" |
||||
version: ["31", "32"] |
||||
reason: "working with old-style LVM snapshots leads to deadlock in LVM tools" |
||||
+ |
||||
+- test: lvm_dbus_tests.LvmTestLVsnapshots.test_snapshotcreate_lvorigin_snapshotmerge |
||||
+ skip_on: |
||||
+ - distro: "centos" |
||||
+ version: "9" |
||||
+ reason: "snapshot merge doesn't work on CentOS 9 Stream with LVM DBus API" |
||||
|
||||
From d0c44cd3d182599433f352901796af7c403239eb Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 2 Jun 2021 13:08:09 +0200 |
||||
Subject: [PATCH 4/4] Fix skipping tests on Debian testing |
||||
|
||||
Testing now identifies itself as "Debian GNU/Linux 11 (bullseye)" |
||||
so the tests that should be skipped on testing needs to be skipped |
||||
on "11" too. |
||||
--- |
||||
tests/skip.yml | 2 +- |
||||
1 file changed, 1 insertion(+), 1 deletion(-) |
||||
|
||||
diff --git a/tests/skip.yml b/tests/skip.yml |
||||
index e22e712d..4134ee87 100644 |
||||
--- a/tests/skip.yml |
||||
+++ b/tests/skip.yml |
||||
@@ -37,7 +37,7 @@ |
||||
- test: fs_test.MountTest.test_mount_ntfs_ro |
||||
skip_on: |
||||
- distro: "debian" |
||||
- version: ["9", "10", "testing"] |
||||
+ version: ["9", "10", "11", "testing"] |
||||
reason: "NTFS mounting of read-only devices doesn't work as expected on Debian" |
||||
|
||||
- test: kbd_test.KbdZRAM* |
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,80 @@
@@ -0,0 +1,80 @@
|
||||
From e0fcbae856454dba9df3f8df800d74fde66731e5 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Tue, 31 Aug 2021 14:07:23 +0200 |
||||
Subject: [PATCH] lvm: Fix reading statistics for VDO pools with VDO 8 |
||||
|
||||
The statistics are no longer available in /sys/kvdo, in the latest |
||||
version of kvdo we need to use /sys/block/<pool>/vdo/statistics. |
||||
|
||||
Resolves: rhbz#1994220 |
||||
--- |
||||
src/plugins/vdo_stats.c | 42 +++++++++++++++++++++++++++++++++++++---- |
||||
1 file changed, 38 insertions(+), 4 deletions(-) |
||||
|
||||
diff --git a/src/plugins/vdo_stats.c b/src/plugins/vdo_stats.c |
||||
index ed04b51..2e244aa 100644 |
||||
--- a/src/plugins/vdo_stats.c |
||||
+++ b/src/plugins/vdo_stats.c |
||||
@@ -133,6 +133,23 @@ static void add_computed_stats (GHashTable *stats) { |
||||
add_journal_stats (stats); |
||||
} |
||||
|
||||
+static gchar* _dm_node_from_name (const gchar *map_name, GError **error) { |
||||
+ gchar *dev_path = NULL; |
||||
+ gchar *ret = NULL; |
||||
+ gchar *dev_mapper_path = g_strdup_printf ("/dev/mapper/%s", map_name); |
||||
+ |
||||
+ dev_path = bd_utils_resolve_device (dev_mapper_path, error); |
||||
+ g_free (dev_mapper_path); |
||||
+ if (!dev_path) |
||||
+ /* error is already populated */ |
||||
+ return NULL; |
||||
+ |
||||
+ ret = g_path_get_basename (dev_path); |
||||
+ g_free (dev_path); |
||||
+ |
||||
+ return ret; |
||||
+} |
||||
+ |
||||
GHashTable __attribute__ ((visibility ("hidden"))) |
||||
*vdo_get_stats_full (const gchar *name, GError **error) { |
||||
GHashTable *stats; |
||||
@@ -141,14 +158,31 @@ GHashTable __attribute__ ((visibility ("hidden"))) |
||||
const gchar *direntry; |
||||
gchar *s; |
||||
gchar *val = NULL; |
||||
+ g_autofree gchar *dm_node = NULL; |
||||
|
||||
- /* TODO: does the `name` need to be escaped? */ |
||||
- stats_dir = g_build_path (G_DIR_SEPARATOR_S, VDO_SYS_PATH, name, "statistics", NULL); |
||||
+ /* try "new" (kvdo >= 8) path first -- /sys/block/dm-X/vdo/statistics */ |
||||
+ dm_node = _dm_node_from_name (name, error); |
||||
+ if (dm_node == NULL) { |
||||
+ g_prefix_error (error, "Failed to get DM node for %s: ", name); |
||||
+ return NULL; |
||||
+ } |
||||
+ |
||||
+ stats_dir = g_build_path (G_DIR_SEPARATOR_S, "/sys/block", dm_node, "vdo/statistics", NULL); |
||||
dir = g_dir_open (stats_dir, 0, error); |
||||
if (dir == NULL) { |
||||
- g_prefix_error (error, "Error reading statistics from %s: ", stats_dir); |
||||
+ g_debug ("Failed to read VDO stats using the new API, falling back to %s: %s", |
||||
+ VDO_SYS_PATH, (*error)->message); |
||||
g_free (stats_dir); |
||||
- return NULL; |
||||
+ g_clear_error (error); |
||||
+ |
||||
+ /* lets try /sys/kvdo */ |
||||
+ stats_dir = g_build_path (G_DIR_SEPARATOR_S, VDO_SYS_PATH, name, "statistics", NULL); |
||||
+ dir = g_dir_open (stats_dir, 0, error); |
||||
+ if (dir == NULL) { |
||||
+ g_prefix_error (error, "Error reading statistics from %s: ", stats_dir); |
||||
+ g_free (stats_dir); |
||||
+ return NULL; |
||||
+ } |
||||
} |
||||
|
||||
stats = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); |
||||
-- |
||||
2.31.1 |
||||
|
@ -0,0 +1,30 @@
@@ -0,0 +1,30 @@
|
||||
From 940346f14ee5644f2593817b4196c18de8a713f0 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Mon, 22 Nov 2021 14:16:02 +0100 |
||||
Subject: [PATCH] vdo_stats: Default to 100 % savings for invalid savings |
||||
values |
||||
|
||||
We are currently using "-1" when VDO logical_blocks_used is 0 |
||||
which doesn't match the LVM logic which returns 100 so to make |
||||
both values in vdo_info and vdo_stats equal we should return 100 |
||||
in this case too. |
||||
--- |
||||
src/plugins/vdo_stats.c | 2 +- |
||||
1 file changed, 1 insertion(+), 1 deletion(-) |
||||
|
||||
diff --git a/src/plugins/vdo_stats.c b/src/plugins/vdo_stats.c |
||||
index 3ec2d60..f3f0390 100644 |
||||
--- a/src/plugins/vdo_stats.c |
||||
+++ b/src/plugins/vdo_stats.c |
||||
@@ -96,7 +96,7 @@ static void add_block_stats (GHashTable *stats) { |
||||
g_hash_table_replace (stats, g_strdup ("oneKBlocksUsed"), g_strdup_printf ("%"G_GINT64_FORMAT, (data_blocks_used + overhead_blocks_used) * block_size / 1024)); |
||||
g_hash_table_replace (stats, g_strdup ("oneKBlocksAvailable"), g_strdup_printf ("%"G_GINT64_FORMAT, (physical_blocks - data_blocks_used - overhead_blocks_used) * block_size / 1024)); |
||||
g_hash_table_replace (stats, g_strdup ("usedPercent"), g_strdup_printf ("%.0f", 100.0 * (gfloat) (data_blocks_used + overhead_blocks_used) / (gfloat) physical_blocks + 0.5)); |
||||
- savings = (logical_blocks_used > 0) ? (gint64) (100.0 * (gfloat) (logical_blocks_used - data_blocks_used) / (gfloat) logical_blocks_used) : -1; |
||||
+ savings = (logical_blocks_used > 0) ? (gint64) (100.0 * (gfloat) (logical_blocks_used - data_blocks_used) / (gfloat) logical_blocks_used) : 100; |
||||
g_hash_table_replace (stats, g_strdup ("savings"), g_strdup_printf ("%"G_GINT64_FORMAT, savings)); |
||||
if (savings >= 0) |
||||
g_hash_table_replace (stats, g_strdup ("savingPercent"), g_strdup_printf ("%"G_GINT64_FORMAT, savings)); |
||||
-- |
||||
2.31.1 |
||||
|
@ -0,0 +1,966 @@
@@ -0,0 +1,966 @@
|
||||
From 37f1aff5f5f967d6a4440d176f3de877aab789ac Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Mon, 20 Sep 2021 16:38:16 +0200 |
||||
Subject: [PATCH 1/3] Add support for creating and activating integrity devices |
||||
|
||||
This adds support for create, open and close actions for standalone |
||||
integrity devices using cryptsetup. |
||||
--- |
||||
configure.ac | 4 +- |
||||
src/lib/plugin_apis/crypto.api | 157 +++++++++++++++++ |
||||
src/plugins/crypto.c | 261 +++++++++++++++++++++++++++- |
||||
src/plugins/crypto.h | 41 +++++ |
||||
src/python/gi/overrides/BlockDev.py | 24 +++ |
||||
tests/crypto_test.py | 97 ++++++++++- |
||||
6 files changed, 576 insertions(+), 8 deletions(-) |
||||
|
||||
diff --git a/configure.ac b/configure.ac |
||||
index abe1412..13830ae 100644 |
||||
--- a/configure.ac |
||||
+++ b/configure.ac |
||||
@@ -210,7 +210,9 @@ AS_IF([test "x$with_crypto" != "xno"], |
||||
AS_IF([$PKG_CONFIG --atleast-version=2.0.3 libcryptsetup], |
||||
[AC_DEFINE([LIBCRYPTSETUP_2])], []) |
||||
AS_IF([$PKG_CONFIG --atleast-version=2.3.0 libcryptsetup], |
||||
- [AC_DEFINE([LIBCRYPTSETUP_BITLK])], []) |
||||
+ [AC_DEFINE([LIBCRYPTSETUP_23])], []) |
||||
+ AS_IF([$PKG_CONFIG --atleast-version=2.4.0 libcryptsetup], |
||||
+ [AC_DEFINE([LIBCRYPTSETUP_24])], []) |
||||
AS_IF([test "x$with_escrow" != "xno"], |
||||
[LIBBLOCKDEV_PKG_CHECK_MODULES([NSS], [nss >= 3.18.0]) |
||||
LIBBLOCKDEV_CHECK_HEADER([volume_key/libvolume_key.h], [$GLIB_CFLAGS $NSS_CFLAGS], [libvolume_key.h not available])], |
||||
diff --git a/src/lib/plugin_apis/crypto.api b/src/lib/plugin_apis/crypto.api |
||||
index ef0217f..40e32c8 100644 |
||||
--- a/src/lib/plugin_apis/crypto.api |
||||
+++ b/src/lib/plugin_apis/crypto.api |
||||
@@ -1,5 +1,6 @@ |
||||
#include <glib.h> |
||||
#include <blockdev/utils.h> |
||||
+#include <libcryptsetup.h> |
||||
|
||||
#define BD_CRYPTO_LUKS_METADATA_SIZE G_GUINT64_CONSTANT (2097152ULL) // 2 MiB |
||||
|
||||
@@ -245,6 +246,115 @@ GType bd_crypto_luks_extra_get_type () { |
||||
return type; |
||||
} |
||||
|
||||
+#define BD_CRYPTO_TYPE_INTEGRITY_EXTRA (bd_crypto_integrity_extra_get_type ()) |
||||
+GType bd_crypto_integrity_extra_get_type(); |
||||
+ |
||||
+/** |
||||
+ * BDCryptoIntegrityExtra: |
||||
+ * @sector_size: integrity sector size |
||||
+ * @journal_size: size of journal in bytes |
||||
+ * @journal_watermark: journal flush watermark in percents; in bitmap mode sectors-per-bit |
||||
+ * @journal_commit_time: journal commit time (or bitmap flush time) in ms |
||||
+ * @interleave_sectors: number of interleave sectors (power of two) |
||||
+ * @tag_size: tag size per-sector in bytes |
||||
+ * @buffer_sectors: number of sectors in one buffer |
||||
+ */ |
||||
+typedef struct BDCryptoIntegrityExtra { |
||||
+ guint32 sector_size; |
||||
+ guint64 journal_size; |
||||
+ guint journal_watermark; |
||||
+ guint journal_commit_time; |
||||
+ guint32 interleave_sectors; |
||||
+ guint32 tag_size; |
||||
+ guint32 buffer_sectors; |
||||
+} BDCryptoIntegrityExtra; |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_extra_copy: (skip) |
||||
+ * @extra: (allow-none): %BDCryptoIntegrityExtra to copy |
||||
+ * |
||||
+ * Creates a new copy of @extra. |
||||
+ */ |
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_copy (BDCryptoIntegrityExtra *extra) { |
||||
+ if (extra == NULL) |
||||
+ return NULL; |
||||
+ |
||||
+ BDCryptoIntegrityExtra *new_extra = g_new0 (BDCryptoIntegrityExtra, 1); |
||||
+ |
||||
+ new_extra->sector_size = extra->sector_size; |
||||
+ new_extra->journal_size = extra->journal_size; |
||||
+ new_extra->journal_watermark = extra->journal_watermark; |
||||
+ new_extra->journal_commit_time = extra->journal_commit_time; |
||||
+ new_extra->interleave_sectors = extra->interleave_sectors; |
||||
+ new_extra->tag_size = extra->tag_size; |
||||
+ new_extra->buffer_sectors = extra->buffer_sectors; |
||||
+ |
||||
+ return new_extra; |
||||
+} |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_extra_free: (skip) |
||||
+ * @extra: (allow-none): %BDCryptoIntegrityExtra to free |
||||
+ * |
||||
+ * Frees @extra. |
||||
+ */ |
||||
+void bd_crypto_integrity_extra_free (BDCryptoIntegrityExtra *extra) { |
||||
+ if (extra == NULL) |
||||
+ return; |
||||
+ |
||||
+ g_free (extra); |
||||
+} |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_extra_new: (constructor) |
||||
+ * @sector_size: integrity sector size, 0 for default (512) |
||||
+ * @journal_size: size of journal in bytes |
||||
+ * @journal_watermark: journal flush watermark in percents; in bitmap mode sectors-per-bit |
||||
+ * @journal_commit_time: journal commit time (or bitmap flush time) in ms |
||||
+ * @interleave_sectors: number of interleave sectors (power of two) |
||||
+ * @tag_size: tag size per-sector in bytes |
||||
+ * @buffer_sectors: number of sectors in one buffer |
||||
+ * |
||||
+ * Returns: (transfer full): a new Integrity extra argument |
||||
+ */ |
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_new (guint64 sector_size, guint64 journal_size, guint journal_watermark, guint journal_commit_time, guint64 interleave_sectors, guint64 tag_size, guint64 buffer_sectors) { |
||||
+ BDCryptoIntegrityExtra *ret = g_new0 (BDCryptoIntegrityExtra, 1); |
||||
+ ret->sector_size = sector_size; |
||||
+ ret->journal_size = journal_size; |
||||
+ ret->journal_watermark = journal_watermark; |
||||
+ ret->journal_commit_time = journal_commit_time; |
||||
+ ret->interleave_sectors = interleave_sectors; |
||||
+ ret->tag_size = tag_size; |
||||
+ ret->buffer_sectors = buffer_sectors; |
||||
+ |
||||
+ return ret; |
||||
+} |
||||
+ |
||||
+GType bd_crypto_integrity_extra_get_type () { |
||||
+ static GType type = 0; |
||||
+ |
||||
+ if (G_UNLIKELY(type == 0)) { |
||||
+ type = g_boxed_type_register_static("BDCryptoIntegrityExtra", |
||||
+ (GBoxedCopyFunc) bd_crypto_integrity_extra_copy, |
||||
+ (GBoxedFreeFunc) bd_crypto_integrity_extra_free); |
||||
+ } |
||||
+ |
||||
+ return type; |
||||
+} |
||||
+ |
||||
+typedef enum { |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = CRYPT_ACTIVATE_NO_JOURNAL, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = CRYPT_ACTIVATE_RECOVERY, |
||||
+#ifdef CRYPT_ACTIVATE_NO_JOURNAL_BITMAP |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = CRYPT_ACTIVATE_NO_JOURNAL_BITMAP, |
||||
+#endif |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = CRYPT_ACTIVATE_RECALCULATE, |
||||
+#ifdef CRYPT_ACTIVATE_RECALCULATE_RESET |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = CRYPT_ACTIVATE_RECALCULATE_RESET, |
||||
+#endif |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = CRYPT_ACTIVATE_ALLOW_DISCARDS, |
||||
+} BDCryptoIntegrityOpenFlags; |
||||
+ |
||||
#define BD_CRYPTO_TYPE_LUKS_INFO (bd_crypto_luks_info_get_type ()) |
||||
GType bd_crypto_luks_info_get_type(); |
||||
|
||||
@@ -857,6 +967,53 @@ BDCryptoLUKSInfo* bd_crypto_luks_info (const gchar *luks_device, GError **error) |
||||
*/ |
||||
BDCryptoIntegrityInfo* bd_crypto_integrity_info (const gchar *device, GError **error); |
||||
|
||||
+/** |
||||
+ * bd_crypto_integrity_format: |
||||
+ * @device: a device to format as integrity |
||||
+ * @algorithm: integrity algorithm specification (e.g. "crc32c" or "sha256") or %NULL to use the default |
||||
+ * @wipe: whether to wipe the device after format; a device that is not initially wiped will contain invalid checksums |
||||
+ * @key_data: (allow-none) (array length=key_size): integrity key or %NULL if not needed |
||||
+ * @key_size: size the integrity key and @key_data |
||||
+ * @extra: (allow-none): extra arguments for integrity format creation |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Formats the given @device as integrity according to the other parameters given. |
||||
+ * |
||||
+ * Returns: whether the given @device was successfully formatted as integrity or not |
||||
+ * (the @error) contains the error in such cases) |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_CREATE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_format (const gchar *device, const gchar *algorithm, gboolean wipe, const guint8* key_data, gsize key_size, BDCryptoIntegrityExtra *extra, GError **error); |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_open: |
||||
+ * @device: integrity device to open |
||||
+ * @name: name for the opened @device |
||||
+ * @algorithm: (allow-none): integrity algorithm specification (e.g. "crc32c" or "sha256") or %NULL to use the default |
||||
+ * @key_data: (allow-none) (array length=key_size): integrity key or %NULL if not needed |
||||
+ * @key_size: size the integrity key and @key_data |
||||
+ * @flags: flags for the integrity device activation |
||||
+ * @extra: (allow-none): extra arguments for integrity open |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Returns: whether the @device was successfully opened or not |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const gchar *algorithm, const guint8* key_data, gsize key_size, BDCryptoIntegrityOpenFlags flags, BDCryptoIntegrityExtra *extra, GError **error); |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_close: |
||||
+ * @integrity_device: integrity device to close |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Returns: whether the given @integrity_device was successfully closed or not |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_close (const gchar *integrity_device, GError **error); |
||||
+ |
||||
/** |
||||
* bd_crypto_device_seems_encrypted: |
||||
* @device: the queried device |
||||
diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c |
||||
index 4fad9a8..b1b0700 100644 |
||||
--- a/src/plugins/crypto.c |
||||
+++ b/src/plugins/crypto.c |
||||
@@ -50,6 +50,18 @@ |
||||
|
||||
#define SECTOR_SIZE 512 |
||||
|
||||
+#define DEFAULT_LUKS_KEYSIZE_BITS 256 |
||||
+#define DEFAULT_LUKS_CIPHER "aes-xts-plain64" |
||||
+ |
||||
+#ifdef LIBCRYPTSETUP_23 |
||||
+/* 0 for autodetect since 2.3.0 */ |
||||
+#define DEFAULT_INTEGRITY_TAG_SIZE 0 |
||||
+#else |
||||
+/* we need some sane default for older versions, users should specify tag size when using |
||||
+ other algorithms than the default crc32c */ |
||||
+#define DEFAULT_INTEGRITY_TAG_SIZE 4 |
||||
+#endif |
||||
+ |
||||
#define UNUSED __attribute__((unused)) |
||||
|
||||
/** |
||||
@@ -146,6 +158,43 @@ BDCryptoLUKSExtra* bd_crypto_luks_extra_new (guint64 data_alignment, const gchar |
||||
return ret; |
||||
} |
||||
|
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_new (guint64 sector_size, guint64 journal_size, guint journal_watermark, guint journal_commit_time, guint64 interleave_sectors, guint64 tag_size, guint64 buffer_sectors) { |
||||
+ BDCryptoIntegrityExtra *ret = g_new0 (BDCryptoIntegrityExtra, 1); |
||||
+ ret->sector_size = sector_size; |
||||
+ ret->journal_size = journal_size; |
||||
+ ret->journal_watermark = journal_watermark; |
||||
+ ret->journal_commit_time = journal_commit_time; |
||||
+ ret->interleave_sectors = interleave_sectors; |
||||
+ ret->tag_size = tag_size; |
||||
+ ret->buffer_sectors = buffer_sectors; |
||||
+ |
||||
+ return ret; |
||||
+} |
||||
+ |
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_copy (BDCryptoIntegrityExtra *extra) { |
||||
+ if (extra == NULL) |
||||
+ return NULL; |
||||
+ |
||||
+ BDCryptoIntegrityExtra *new_extra = g_new0 (BDCryptoIntegrityExtra, 1); |
||||
+ |
||||
+ new_extra->sector_size = extra->sector_size; |
||||
+ new_extra->journal_size = extra->journal_size; |
||||
+ new_extra->journal_watermark = extra->journal_watermark; |
||||
+ new_extra->journal_commit_time = extra->journal_commit_time; |
||||
+ new_extra->interleave_sectors = extra->interleave_sectors; |
||||
+ new_extra->tag_size = extra->tag_size; |
||||
+ new_extra->buffer_sectors = extra->buffer_sectors; |
||||
+ |
||||
+ return new_extra; |
||||
+} |
||||
+ |
||||
+void bd_crypto_integrity_extra_free (BDCryptoIntegrityExtra *extra) { |
||||
+ if (extra == NULL) |
||||
+ return; |
||||
+ |
||||
+ g_free (extra); |
||||
+} |
||||
+ |
||||
void bd_crypto_luks_info_free (BDCryptoLUKSInfo *info) { |
||||
if (info == NULL) |
||||
return; |
||||
@@ -346,15 +395,15 @@ gboolean bd_crypto_is_tech_avail (BDCryptoTech tech, guint64 mode, GError **erro |
||||
"Integrity technology requires libcryptsetup >= 2.0"); |
||||
return FALSE; |
||||
#endif |
||||
- ret = mode & (BD_CRYPTO_TECH_MODE_QUERY); |
||||
+ ret = mode & (BD_CRYPTO_TECH_MODE_CREATE|BD_CRYPTO_TECH_MODE_OPEN_CLOSE|BD_CRYPTO_TECH_MODE_QUERY); |
||||
if (ret != mode) { |
||||
g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_TECH_UNAVAIL, |
||||
- "Only 'query' supported for Integrity"); |
||||
+ "Only 'create', 'open' and 'query' supported for Integrity"); |
||||
return FALSE; |
||||
} else |
||||
return TRUE; |
||||
case BD_CRYPTO_TECH_BITLK: |
||||
-#ifndef LIBCRYPTSETUP_BITLK |
||||
+#ifndef LIBCRYPTSETUP_23 |
||||
g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_TECH_UNAVAIL, |
||||
"BITLK technology requires libcryptsetup >= 2.3.0"); |
||||
return FALSE; |
||||
@@ -2035,6 +2084,208 @@ BDCryptoIntegrityInfo* bd_crypto_integrity_info (const gchar *device, GError **e |
||||
} |
||||
#endif |
||||
|
||||
+static int _wipe_progress (guint64 size, guint64 offset, void *usrptr) { |
||||
+ /* "convert" the progress from 0-100 to 50-100 because wipe starts at 50 in bd_crypto_integrity_format */ |
||||
+ gdouble progress = 50 + (((gdouble) offset / size) * 100) / 2; |
||||
+ bd_utils_report_progress (*(guint64 *) usrptr, progress, "Integrity device wipe in progress"); |
||||
+ |
||||
+ return 0; |
||||
+} |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_format: |
||||
+ * @device: a device to format as integrity |
||||
+ * @algorithm: integrity algorithm specification (e.g. "crc32c" or "sha256") |
||||
+ * @wipe: whether to wipe the device after format; a device that is not initially wiped will contain invalid checksums |
||||
+ * @key_data: (allow-none) (array length=key_size): integrity key or %NULL if not needed |
||||
+ * @key_size: size the integrity key and @key_data |
||||
+ * @extra: (allow-none): extra arguments for integrity format creation |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Formats the given @device as integrity according to the other parameters given. |
||||
+ * |
||||
+ * Returns: whether the given @device was successfully formatted as integrity or not |
||||
+ * (the @error) contains the error in such cases) |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_CREATE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_format (const gchar *device, const gchar *algorithm, gboolean wipe, const guint8* key_data, gsize key_size, BDCryptoIntegrityExtra *extra, GError **error) { |
||||
+ struct crypt_device *cd = NULL; |
||||
+ gint ret; |
||||
+ guint64 progress_id = 0; |
||||
+ gchar *msg = NULL; |
||||
+ struct crypt_params_integrity params = ZERO_INIT; |
||||
+ g_autofree gchar *tmp_name = NULL; |
||||
+ g_autofree gchar *tmp_path = NULL; |
||||
+ g_autofree gchar *dev_name = NULL; |
||||
+ |
||||
+ msg = g_strdup_printf ("Started formatting '%s' as integrity device", device); |
||||
+ progress_id = bd_utils_report_started (msg); |
||||
+ g_free (msg); |
||||
+ |
||||
+ ret = crypt_init (&cd, device); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to initialize device: %s", strerror_l (-ret, c_locale)); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ if (extra) { |
||||
+ params.sector_size = extra->sector_size; |
||||
+ params.journal_size = extra->journal_size; |
||||
+ params.journal_watermark = extra->journal_watermark; |
||||
+ params.journal_commit_time = extra->journal_commit_time; |
||||
+ params.interleave_sectors = extra->interleave_sectors; |
||||
+ params.tag_size = extra->tag_size; |
||||
+ params.buffer_sectors = extra->buffer_sectors; |
||||
+ } |
||||
+ |
||||
+ params.integrity_key_size = key_size; |
||||
+ params.integrity = algorithm; |
||||
+ params.tag_size = params.tag_size ? params.tag_size : DEFAULT_INTEGRITY_TAG_SIZE; |
||||
+ |
||||
+ ret = crypt_format (cd, CRYPT_INTEGRITY, NULL, NULL, NULL, NULL, 0, ¶ms); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_FORMAT_FAILED, |
||||
+ "Failed to format device: %s", strerror_l (-ret, c_locale)); |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ if (wipe) { |
||||
+ bd_utils_report_progress (progress_id, 50, "Format created"); |
||||
+ |
||||
+ dev_name = g_path_get_basename (device); |
||||
+ tmp_name = g_strdup_printf ("bd-temp-integrity-%s-%d", dev_name, g_random_int ()); |
||||
+ tmp_path = g_strdup_printf ("%s/%s", crypt_get_dir (), tmp_name); |
||||
+ |
||||
+ ret = crypt_activate_by_volume_key (cd, tmp_name, (const char *) key_data, key_size, |
||||
+ CRYPT_ACTIVATE_PRIVATE | CRYPT_ACTIVATE_NO_JOURNAL); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to activate the newly created integrity device for wiping: %s", |
||||
+ strerror_l (-ret, c_locale)); |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ bd_utils_report_progress (progress_id, 50, "Starting to wipe the newly created integrity device"); |
||||
+ ret = crypt_wipe (cd, tmp_path, CRYPT_WIPE_ZERO, 0, 0, 1048576, |
||||
+ 0, &_wipe_progress, &progress_id); |
||||
+ bd_utils_report_progress (progress_id, 100, "Wipe finished"); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to wipe the newly created integrity device: %s", |
||||
+ strerror_l (-ret, c_locale)); |
||||
+ |
||||
+ ret = crypt_deactivate (cd, tmp_name); |
||||
+ if (ret != 0) |
||||
+ g_warning ("Failed to deactivate temporary device %s", tmp_name); |
||||
+ |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ ret = crypt_deactivate (cd, tmp_name); |
||||
+ if (ret != 0) |
||||
+ g_warning ("Failed to deactivate temporary device %s", tmp_name); |
||||
+ |
||||
+ } else |
||||
+ bd_utils_report_finished (progress_id, "Completed"); |
||||
+ |
||||
+ crypt_free (cd); |
||||
+ |
||||
+ return TRUE; |
||||
+} |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_open: |
||||
+ * @device: integrity device to open |
||||
+ * @name: name for the opened @device |
||||
+ * @algorithm: (allow-none): integrity algorithm specification (e.g. "crc32c" or "sha256") or %NULL to use the default |
||||
+ * @key_data: (allow-none) (array length=key_size): integrity key or %NULL if not needed |
||||
+ * @key_size: size the integrity key and @key_data |
||||
+ * @flags: flags for the integrity device activation |
||||
+ * @extra: (allow-none): extra arguments for integrity open |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Returns: whether the @device was successfully opened or not |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const gchar *algorithm, const guint8* key_data, gsize key_size, BDCryptoIntegrityOpenFlags flags, BDCryptoIntegrityExtra *extra, GError **error) { |
||||
+ struct crypt_device *cd = NULL; |
||||
+ gint ret = 0; |
||||
+ guint64 progress_id = 0; |
||||
+ gchar *msg = NULL; |
||||
+ struct crypt_params_integrity params = ZERO_INIT; |
||||
+ |
||||
+ params.integrity = algorithm; |
||||
+ params.integrity_key_size = key_size; |
||||
+ |
||||
+ if (extra) { |
||||
+ params.sector_size = extra->sector_size; |
||||
+ params.journal_size = extra->journal_size; |
||||
+ params.journal_watermark = extra->journal_watermark; |
||||
+ params.journal_commit_time = extra->journal_commit_time; |
||||
+ params.interleave_sectors = extra->interleave_sectors; |
||||
+ params.tag_size = extra->tag_size; |
||||
+ params.buffer_sectors = extra->buffer_sectors; |
||||
+ } |
||||
+ |
||||
+ msg = g_strdup_printf ("Started opening '%s' integrity device", device); |
||||
+ progress_id = bd_utils_report_started (msg); |
||||
+ g_free (msg); |
||||
+ |
||||
+ ret = crypt_init (&cd, device); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to initialize device: %s", strerror_l (-ret, c_locale)); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ ret = crypt_load (cd, CRYPT_INTEGRITY, ¶ms); |
||||
+ if (ret != 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to load device's parameters: %s", strerror_l (-ret, c_locale)); |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ ret = crypt_activate_by_volume_key (cd, name, (const char *) key_data, key_size, flags); |
||||
+ if (ret < 0) { |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
+ "Failed to activate device: %s", strerror_l (-ret, c_locale)); |
||||
+ |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+ } |
||||
+ |
||||
+ crypt_free (cd); |
||||
+ bd_utils_report_finished (progress_id, "Completed"); |
||||
+ return TRUE; |
||||
+} |
||||
+ |
||||
+/** |
||||
+ * bd_crypto_integrity_close: |
||||
+ * @integrity_device: integrity device to close |
||||
+ * @error: (out): place to store error (if any) |
||||
+ * |
||||
+ * Returns: whether the given @integrity_device was successfully closed or not |
||||
+ * |
||||
+ * Tech category: %BD_CRYPTO_TECH_INTEGRITY-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
+ */ |
||||
+gboolean bd_crypto_integrity_close (const gchar *integrity_device, GError **error) { |
||||
+ return _crypto_close (integrity_device, "integrity", error); |
||||
+} |
||||
+ |
||||
/** |
||||
* bd_crypto_device_seems_encrypted: |
||||
* @device: the queried device |
||||
@@ -2472,7 +2723,7 @@ gboolean bd_crypto_escrow_device (const gchar *device, const gchar *passphrase, |
||||
* |
||||
* Tech category: %BD_CRYPTO_TECH_BITLK-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
*/ |
||||
-#ifndef LIBCRYPTSETUP_BITLK |
||||
+#ifndef LIBCRYPTSETUP_23 |
||||
gboolean bd_crypto_bitlk_open (const gchar *device UNUSED, const gchar *name UNUSED, const guint8* pass_data UNUSED, gsize data_len UNUSED, gboolean read_only UNUSED, GError **error) { |
||||
/* this will return FALSE and set error, because BITLK technology is not available */ |
||||
return bd_crypto_is_tech_avail (BD_CRYPTO_TECH_BITLK, BD_CRYPTO_TECH_MODE_OPEN_CLOSE, error); |
||||
@@ -2542,7 +2793,7 @@ gboolean bd_crypto_bitlk_open (const gchar *device, const gchar *name, const gui |
||||
* |
||||
* Tech category: %BD_CRYPTO_TECH_BITLK-%BD_CRYPTO_TECH_MODE_OPEN_CLOSE |
||||
*/ |
||||
-#ifndef LIBCRYPTSETUP_BITLK |
||||
+#ifndef LIBCRYPTSETUP_23 |
||||
gboolean bd_crypto_bitlk_close (const gchar *bitlk_device UNUSED, GError **error) { |
||||
/* this will return FALSE and set error, because BITLK technology is not available */ |
||||
return bd_crypto_is_tech_avail (BD_CRYPTO_TECH_BITLK, BD_CRYPTO_TECH_MODE_OPEN_CLOSE, error); |
||||
diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h |
||||
index a38724d..166e558 100644 |
||||
--- a/src/plugins/crypto.h |
||||
+++ b/src/plugins/crypto.h |
||||
@@ -116,6 +116,43 @@ void bd_crypto_luks_extra_free (BDCryptoLUKSExtra *extra); |
||||
BDCryptoLUKSExtra* bd_crypto_luks_extra_copy (BDCryptoLUKSExtra *extra); |
||||
BDCryptoLUKSExtra* bd_crypto_luks_extra_new (guint64 data_alignment, const gchar *data_device, const gchar *integrity, guint64 sector_size, const gchar *label, const gchar *subsystem, BDCryptoLUKSPBKDF *pbkdf); |
||||
|
||||
+/** |
||||
+ * BDCryptoIntegrityExtra: |
||||
+ * @sector_size: integrity sector size |
||||
+ * @journal_size: size of journal in bytes |
||||
+ * @journal_watermark: journal flush watermark in percents; in bitmap mode sectors-per-bit |
||||
+ * @journal_commit_time: journal commit time (or bitmap flush time) in ms |
||||
+ * @interleave_sectors: number of interleave sectors (power of two) |
||||
+ * @tag_size: tag size per-sector in bytes |
||||
+ * @buffer_sectors: number of sectors in one buffer |
||||
+ */ |
||||
+typedef struct BDCryptoIntegrityExtra { |
||||
+ guint32 sector_size; |
||||
+ guint64 journal_size; |
||||
+ guint journal_watermark; |
||||
+ guint journal_commit_time; |
||||
+ guint32 interleave_sectors; |
||||
+ guint32 tag_size; |
||||
+ guint32 buffer_sectors; |
||||
+} BDCryptoIntegrityExtra; |
||||
+ |
||||
+void bd_crypto_integrity_extra_free (BDCryptoIntegrityExtra *extra); |
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_copy (BDCryptoIntegrityExtra *extra); |
||||
+BDCryptoIntegrityExtra* bd_crypto_integrity_extra_new (guint64 sector_size, guint64 journal_size, guint journal_watermark, guint journal_commit_time, guint64 interleave_sectors, guint64 tag_size, guint64 buffer_sectors); |
||||
+ |
||||
+typedef enum { |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = CRYPT_ACTIVATE_NO_JOURNAL, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = CRYPT_ACTIVATE_RECOVERY, |
||||
+#ifdef CRYPT_ACTIVATE_NO_JOURNAL_BITMAP |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = CRYPT_ACTIVATE_NO_JOURNAL_BITMAP, |
||||
+#endif |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = CRYPT_ACTIVATE_RECALCULATE, |
||||
+#ifdef CRYPT_ACTIVATE_RECALCULATE_RESET |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = CRYPT_ACTIVATE_RECALCULATE_RESET, |
||||
+#endif |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = CRYPT_ACTIVATE_ALLOW_DISCARDS, |
||||
+} BDCryptoIntegrityOpenFlags; |
||||
+ |
||||
/** |
||||
* BDCryptoLUKSInfo: |
||||
* @version: LUKS version |
||||
@@ -209,6 +246,10 @@ gboolean bd_crypto_luks_header_restore (const gchar *device, const gchar *backup |
||||
BDCryptoLUKSInfo* bd_crypto_luks_info (const gchar *luks_device, GError **error); |
||||
BDCryptoIntegrityInfo* bd_crypto_integrity_info (const gchar *device, GError **error); |
||||
|
||||
+gboolean bd_crypto_integrity_format (const gchar *device, const gchar *algorithm, gboolean wipe, const guint8* key_data, gsize key_size, BDCryptoIntegrityExtra *extra, GError **error); |
||||
+gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const gchar *algorithm, const guint8* key_data, gsize key_size, BDCryptoIntegrityOpenFlags flags, BDCryptoIntegrityExtra *extra, GError **error); |
||||
+gboolean bd_crypto_integrity_close (const gchar *integrity_device, GError **error); |
||||
+ |
||||
gboolean bd_crypto_device_seems_encrypted (const gchar *device, GError **error); |
||||
gboolean bd_crypto_tc_open (const gchar *device, const gchar *name, const guint8* pass_data, gsize data_len, gboolean read_only, GError **error); |
||||
gboolean bd_crypto_tc_open_full (const gchar *device, const gchar *name, const guint8* pass_data, gsize data_len, const gchar **keyfiles, gboolean hidden, gboolean system, gboolean veracrypt, guint32 veracrypt_pim, gboolean read_only, GError **error); |
||||
diff --git a/src/python/gi/overrides/BlockDev.py b/src/python/gi/overrides/BlockDev.py |
||||
index 715a262..71bcd31 100644 |
||||
--- a/src/python/gi/overrides/BlockDev.py |
||||
+++ b/src/python/gi/overrides/BlockDev.py |
||||
@@ -276,6 +276,30 @@ def crypto_bitlk_open(device, name, passphrase, read_only=False): |
||||
__all__.append("crypto_bitlk_open") |
||||
|
||||
|
||||
+class CryptoIntegrityExtra(BlockDev.CryptoIntegrityExtra): |
||||
+ def __new__(cls, sector_size=0, journal_size=0, journal_watermark=0, journal_commit_time=0, interleave_sectors=0, tag_size=0, buffer_sectors=0): |
||||
+ ret = BlockDev.CryptoIntegrityExtra.new(sector_size, journal_size, journal_watermark, journal_commit_time, interleave_sectors, tag_size, buffer_sectors) |
||||
+ ret.__class__ = cls |
||||
+ return ret |
||||
+ def __init__(self, *args, **kwargs): # pylint: disable=unused-argument |
||||
+ super(CryptoIntegrityExtra, self).__init__() #pylint: disable=bad-super-call |
||||
+CryptoIntegrityExtra = override(CryptoIntegrityExtra) |
||||
+__all__.append("CryptoIntegrityExtra") |
||||
+ |
||||
+ |
||||
+_crypto_integrity_format = BlockDev.crypto_integrity_format |
||||
+@override(BlockDev.crypto_integrity_format) |
||||
+def crypto_integrity_format(device, algorithm=None, wipe=True, key_data=None, extra=None): |
||||
+ return _crypto_integrity_format(device, algorithm, wipe, key_data, extra) |
||||
+__all__.append("crypto_integrity_format") |
||||
+ |
||||
+_crypto_integrity_open = BlockDev.crypto_integrity_open |
||||
+@override(BlockDev.crypto_integrity_open) |
||||
+def crypto_integrity_open(device, name, algorithm, key_data=None, flags=0, extra=None): |
||||
+ return _crypto_integrity_open(device, name, algorithm, key_data, flags, extra) |
||||
+__all__.append("crypto_integrity_open") |
||||
+ |
||||
+ |
||||
_dm_create_linear = BlockDev.dm_create_linear |
||||
@override(BlockDev.dm_create_linear) |
||||
def dm_create_linear(map_name, device, length, uuid=None): |
||||
diff --git a/tests/crypto_test.py b/tests/crypto_test.py |
||||
index 0aecc03..1c6832e 100644 |
||||
--- a/tests/crypto_test.py |
||||
+++ b/tests/crypto_test.py |
||||
@@ -2,6 +2,7 @@ import unittest |
||||
import os |
||||
import tempfile |
||||
import overrides_hack |
||||
+import secrets |
||||
import shutil |
||||
import subprocess |
||||
import six |
||||
@@ -42,6 +43,8 @@ class CryptoTestCase(unittest.TestCase): |
||||
|
||||
requested_plugins = BlockDev.plugin_specs_from_names(("crypto", "loop")) |
||||
|
||||
+ _dm_name = "libblockdevTestLUKS" |
||||
+ |
||||
@classmethod |
||||
def setUpClass(cls): |
||||
unittest.TestCase.setUpClass() |
||||
@@ -72,7 +75,7 @@ class CryptoTestCase(unittest.TestCase): |
||||
|
||||
def _clean_up(self): |
||||
try: |
||||
- BlockDev.crypto_luks_close("libblockdevTestLUKS") |
||||
+ BlockDev.crypto_luks_close(self._dm_name) |
||||
except: |
||||
pass |
||||
|
||||
@@ -964,7 +967,8 @@ class CryptoTestInfo(CryptoTestCase): |
||||
succ = BlockDev.crypto_luks_close("libblockdevTestLUKS") |
||||
self.assertTrue(succ) |
||||
|
||||
-class CryptoTestIntegrity(CryptoTestCase): |
||||
+ |
||||
+class CryptoTestLUKS2Integrity(CryptoTestCase): |
||||
@tag_test(TestTags.SLOW) |
||||
@unittest.skipUnless(HAVE_LUKS2, "LUKS 2 not supported") |
||||
def test_luks2_integrity(self): |
||||
@@ -1151,3 +1155,92 @@ class CryptoTestBitlk(CryptoTestCase): |
||||
succ = BlockDev.crypto_bitlk_close("libblockdevTestBitlk") |
||||
self.assertTrue(succ) |
||||
self.assertFalse(os.path.exists("/dev/mapper/libblockdevTestBitlk")) |
||||
+ |
||||
+ |
||||
+class CryptoTestIntegrity(CryptoTestCase): |
||||
+ |
||||
+ _dm_name = "libblockdevTestIntegrity" |
||||
+ |
||||
+ @unittest.skipUnless(HAVE_LUKS2, "Integrity not supported") |
||||
+ def test_integrity(self): |
||||
+ # basic format+open+close test |
||||
+ succ = BlockDev.crypto_integrity_format(self.loop_dev, "sha256", False) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_open(self.loop_dev, self._dm_name, "sha256") |
||||
+ self.assertTrue(succ) |
||||
+ self.assertTrue(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ info = BlockDev.crypto_integrity_info(self._dm_name) |
||||
+ self.assertEqual(info.algorithm, "sha256") |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_close(self._dm_name) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ # same now with a keyed algorithm |
||||
+ key = list(secrets.token_bytes(64)) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_format(self.loop_dev, "hmac(sha256)", False, key) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_open(self.loop_dev, self._dm_name, "hmac(sha256)", key) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertTrue(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ info = BlockDev.crypto_integrity_info(self._dm_name) |
||||
+ self.assertEqual(info.algorithm, "hmac(sha256)") |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_close(self._dm_name) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ # same with some custom parameters |
||||
+ extra = BlockDev.CryptoIntegrityExtra(sector_size=4096, interleave_sectors=65536) |
||||
+ succ = BlockDev.crypto_integrity_format(self.loop_dev, "crc32c", wipe=False, extra=extra) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_open(self.loop_dev, self._dm_name, "crc32c") |
||||
+ self.assertTrue(succ) |
||||
+ self.assertTrue(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ info = BlockDev.crypto_integrity_info(self._dm_name) |
||||
+ self.assertEqual(info.algorithm, "crc32c") |
||||
+ self.assertEqual(info.sector_size, 4096) |
||||
+ self.assertEqual(info.interleave_sectors, 65536) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_close(self._dm_name) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ @tag_test(TestTags.SLOW) |
||||
+ @unittest.skipUnless(HAVE_LUKS2, "Integrity not supported") |
||||
+ def test_integrity_wipe(self): |
||||
+ # also check that wipe progress reporting works |
||||
+ progress_log = [] |
||||
+ |
||||
+ def _my_progress_func(_task, _status, completion, msg): |
||||
+ progress_log.append((completion, msg)) |
||||
+ |
||||
+ succ = BlockDev.utils_init_prog_reporting(_my_progress_func) |
||||
+ self.assertTrue(succ) |
||||
+ self.addCleanup(BlockDev.utils_init_prog_reporting, None) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_format(self.loop_dev, "sha256", True) |
||||
+ self.assertTrue(succ) |
||||
+ |
||||
+ # at least one message "Integrity device wipe in progress" should be logged |
||||
+ self.assertTrue(any(prog[1] == "Integrity device wipe in progress" for prog in progress_log)) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_open(self.loop_dev, self._dm_name, "sha256") |
||||
+ self.assertTrue(succ) |
||||
+ self.assertTrue(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ # check the devices was wiped and the checksums recalculated |
||||
+ # (mkfs reads some blocks first so without checksums it would fail) |
||||
+ ret, _out, err = run_command("mkfs.ext2 /dev/mapper/%s " % self._dm_name) |
||||
+ self.assertEqual(ret, 0, msg="Failed to create ext2 filesystem on integrity: %s" % err) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_close(self._dm_name) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
-- |
||||
2.31.1 |
||||
|
||||
|
||||
From 4dcb7a42a2cb33f7a63021d72889c9a9688adfd3 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Thu, 30 Sep 2021 16:01:40 +0200 |
||||
Subject: [PATCH 2/3] Create smaller test images for integrity tests |
||||
|
||||
We are going to overwrite the entire device in test_integrity_wipe |
||||
so we need to make sure the sparse actually fits to /tmp which |
||||
can be smaller than 1 GiB. |
||||
--- |
||||
tests/crypto_test.py | 6 ++++-- |
||||
1 file changed, 4 insertions(+), 2 deletions(-) |
||||
|
||||
diff --git a/tests/crypto_test.py b/tests/crypto_test.py |
||||
index 1c6832e..b7ec251 100644 |
||||
--- a/tests/crypto_test.py |
||||
+++ b/tests/crypto_test.py |
||||
@@ -44,6 +44,7 @@ class CryptoTestCase(unittest.TestCase): |
||||
requested_plugins = BlockDev.plugin_specs_from_names(("crypto", "loop")) |
||||
|
||||
_dm_name = "libblockdevTestLUKS" |
||||
+ _sparse_size = 1024**3 |
||||
|
||||
@classmethod |
||||
def setUpClass(cls): |
||||
@@ -57,8 +58,8 @@ class CryptoTestCase(unittest.TestCase): |
||||
|
||||
def setUp(self): |
||||
self.addCleanup(self._clean_up) |
||||
- self.dev_file = create_sparse_tempfile("crypto_test", 1024**3) |
||||
- self.dev_file2 = create_sparse_tempfile("crypto_test2", 1024**3) |
||||
+ self.dev_file = create_sparse_tempfile("crypto_test", self._sparse_size) |
||||
+ self.dev_file2 = create_sparse_tempfile("crypto_test2", self._sparse_size) |
||||
try: |
||||
self.loop_dev = create_lio_device(self.dev_file) |
||||
except RuntimeError as e: |
||||
@@ -1160,6 +1161,7 @@ class CryptoTestBitlk(CryptoTestCase): |
||||
class CryptoTestIntegrity(CryptoTestCase): |
||||
|
||||
_dm_name = "libblockdevTestIntegrity" |
||||
+ _sparse_size = 100 * 1024**2 |
||||
|
||||
@unittest.skipUnless(HAVE_LUKS2, "Integrity not supported") |
||||
def test_integrity(self): |
||||
-- |
||||
2.31.1 |
||||
|
||||
|
||||
From 3b82f9085c0df2e58b673716cdefd747495738e2 Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 20 Oct 2021 10:27:41 +0200 |
||||
Subject: [PATCH 3/3] crypto: Do not use libcryptsetup flags directly in |
||||
crypto.h |
||||
|
||||
We can "translate" our flags in the implementation instead to |
||||
avoid including libcryptsetup.h in our header and API files. |
||||
--- |
||||
src/lib/plugin_apis/crypto.api | 17 ++++++----------- |
||||
src/plugins/crypto.c | 34 +++++++++++++++++++++++++++++++++- |
||||
src/plugins/crypto.h | 16 ++++++---------- |
||||
tests/crypto_test.py | 14 ++++++++++++++ |
||||
4 files changed, 59 insertions(+), 22 deletions(-) |
||||
|
||||
diff --git a/src/lib/plugin_apis/crypto.api b/src/lib/plugin_apis/crypto.api |
||||
index 40e32c8..cf87979 100644 |
||||
--- a/src/lib/plugin_apis/crypto.api |
||||
+++ b/src/lib/plugin_apis/crypto.api |
||||
@@ -1,6 +1,5 @@ |
||||
#include <glib.h> |
||||
#include <blockdev/utils.h> |
||||
-#include <libcryptsetup.h> |
||||
|
||||
#define BD_CRYPTO_LUKS_METADATA_SIZE G_GUINT64_CONSTANT (2097152ULL) // 2 MiB |
||||
|
||||
@@ -343,16 +342,12 @@ GType bd_crypto_integrity_extra_get_type () { |
||||
} |
||||
|
||||
typedef enum { |
||||
- BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = CRYPT_ACTIVATE_NO_JOURNAL, |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = CRYPT_ACTIVATE_RECOVERY, |
||||
-#ifdef CRYPT_ACTIVATE_NO_JOURNAL_BITMAP |
||||
- BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = CRYPT_ACTIVATE_NO_JOURNAL_BITMAP, |
||||
-#endif |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = CRYPT_ACTIVATE_RECALCULATE, |
||||
-#ifdef CRYPT_ACTIVATE_RECALCULATE_RESET |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = CRYPT_ACTIVATE_RECALCULATE_RESET, |
||||
-#endif |
||||
- BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = CRYPT_ACTIVATE_ALLOW_DISCARDS, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = 1 << 0, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = 1 << 1, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = 1 << 2, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = 1 << 3, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = 1 << 4, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = 1 << 5, |
||||
} BDCryptoIntegrityOpenFlags; |
||||
|
||||
#define BD_CRYPTO_TYPE_LUKS_INFO (bd_crypto_luks_info_get_type ()) |
||||
diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c |
||||
index b1b0700..8a4d64a 100644 |
||||
--- a/src/plugins/crypto.c |
||||
+++ b/src/plugins/crypto.c |
||||
@@ -2223,6 +2223,7 @@ gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const |
||||
guint64 progress_id = 0; |
||||
gchar *msg = NULL; |
||||
struct crypt_params_integrity params = ZERO_INIT; |
||||
+ guint32 activate_flags = 0; |
||||
|
||||
params.integrity = algorithm; |
||||
params.integrity_key_size = key_size; |
||||
@@ -2237,6 +2238,37 @@ gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const |
||||
params.buffer_sectors = extra->buffer_sectors; |
||||
} |
||||
|
||||
+ |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL) |
||||
+ activate_flags |= CRYPT_ACTIVATE_NO_JOURNAL; |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_RECOVERY) |
||||
+ activate_flags |= CRYPT_ACTIVATE_RECOVERY; |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE) |
||||
+ activate_flags |= CRYPT_ACTIVATE_RECALCULATE; |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS) |
||||
+ activate_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP) { |
||||
+#ifndef CRYPT_ACTIVATE_NO_JOURNAL_BITMAP |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_TECH_UNAVAIL, |
||||
+ "Cannot activate %s with bitmap, installed version of cryptsetup doesn't support this option.", device); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+#else |
||||
+ activate_flags |= CRYPT_ACTIVATE_NO_JOURNAL_BITMAP; |
||||
+#endif |
||||
+ } |
||||
+ |
||||
+ if (flags & BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET) { |
||||
+#ifndef CRYPT_ACTIVATE_RECALCULATE_RESET |
||||
+ g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_TECH_UNAVAIL, |
||||
+ "Cannot reset integrity recalculation while activating %s, installed version of cryptsetup doesn't support this option.", device); |
||||
+ bd_utils_report_finished (progress_id, (*error)->message); |
||||
+ return FALSE; |
||||
+#else |
||||
+ activate_flags |= CRYPT_ACTIVATE_RECALCULATE_RESET; |
||||
+#endif |
||||
+ } |
||||
+ |
||||
msg = g_strdup_printf ("Started opening '%s' integrity device", device); |
||||
progress_id = bd_utils_report_started (msg); |
||||
g_free (msg); |
||||
@@ -2258,7 +2290,7 @@ gboolean bd_crypto_integrity_open (const gchar *device, const gchar *name, const |
||||
return FALSE; |
||||
} |
||||
|
||||
- ret = crypt_activate_by_volume_key (cd, name, (const char *) key_data, key_size, flags); |
||||
+ ret = crypt_activate_by_volume_key (cd, name, (const char *) key_data, key_size, activate_flags); |
||||
if (ret < 0) { |
||||
g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, |
||||
"Failed to activate device: %s", strerror_l (-ret, c_locale)); |
||||
diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h |
||||
index 166e558..b5f133c 100644 |
||||
--- a/src/plugins/crypto.h |
||||
+++ b/src/plugins/crypto.h |
||||
@@ -141,16 +141,12 @@ BDCryptoIntegrityExtra* bd_crypto_integrity_extra_copy (BDCryptoIntegrityExtra * |
||||
BDCryptoIntegrityExtra* bd_crypto_integrity_extra_new (guint64 sector_size, guint64 journal_size, guint journal_watermark, guint journal_commit_time, guint64 interleave_sectors, guint64 tag_size, guint64 buffer_sectors); |
||||
|
||||
typedef enum { |
||||
- BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = CRYPT_ACTIVATE_NO_JOURNAL, |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = CRYPT_ACTIVATE_RECOVERY, |
||||
-#ifdef CRYPT_ACTIVATE_NO_JOURNAL_BITMAP |
||||
- BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = CRYPT_ACTIVATE_NO_JOURNAL_BITMAP, |
||||
-#endif |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = CRYPT_ACTIVATE_RECALCULATE, |
||||
-#ifdef CRYPT_ACTIVATE_RECALCULATE_RESET |
||||
- BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = CRYPT_ACTIVATE_RECALCULATE_RESET, |
||||
-#endif |
||||
- BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = CRYPT_ACTIVATE_ALLOW_DISCARDS, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL = 1 << 0, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECOVERY = 1 << 1, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_NO_JOURNAL_BITMAP = 1 << 2, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE = 1 << 3, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_RECALCULATE_RESET = 1 << 4, |
||||
+ BD_CRYPTO_INTEGRITY_OPEN_ALLOW_DISCARDS = 1 << 5, |
||||
} BDCryptoIntegrityOpenFlags; |
||||
|
||||
/** |
||||
diff --git a/tests/crypto_test.py b/tests/crypto_test.py |
||||
index b7ec251..673d8b8 100644 |
||||
--- a/tests/crypto_test.py |
||||
+++ b/tests/crypto_test.py |
||||
@@ -1215,6 +1215,20 @@ class CryptoTestIntegrity(CryptoTestCase): |
||||
self.assertTrue(succ) |
||||
self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
|
||||
+ # open with flags |
||||
+ succ = BlockDev.crypto_integrity_open(self.loop_dev, self._dm_name, "crc32c", |
||||
+ flags=BlockDev.CryptoIntegrityOpenFlags.ALLOW_DISCARDS) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertTrue(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
+ # check that discard is enabled for the mapped device |
||||
+ _ret, out, _err = run_command("dmsetup table %s" % self._dm_name) |
||||
+ self.assertIn("allow_discards", out) |
||||
+ |
||||
+ succ = BlockDev.crypto_integrity_close(self._dm_name) |
||||
+ self.assertTrue(succ) |
||||
+ self.assertFalse(os.path.exists("/dev/mapper/%s" % self._dm_name)) |
||||
+ |
||||
@tag_test(TestTags.SLOW) |
||||
@unittest.skipUnless(HAVE_LUKS2, "Integrity not supported") |
||||
def test_integrity_wipe(self): |
||||
-- |
||||
2.31.1 |
||||
|
@ -0,0 +1,278 @@
@@ -0,0 +1,278 @@
|
||||
From d0ba031e679d480855bea61060acea597d5ffbbd Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Wed, 15 Dec 2021 14:14:19 +0100 |
||||
Subject: [PATCH 1/2] tests: Wait for raid and mirrored LVs to be synced before |
||||
removing |
||||
|
||||
Resolves: rhbz#2030647 |
||||
--- |
||||
tests/lvm_dbus_tests.py | 31 +++++++++++++++++++++++++------ |
||||
tests/lvm_test.py | 31 +++++++++++++++++++++++++------ |
||||
2 files changed, 50 insertions(+), 12 deletions(-) |
||||
|
||||
diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py |
||||
index 5516afe..5ce653e 100644 |
||||
--- a/tests/lvm_dbus_tests.py |
||||
+++ b/tests/lvm_dbus_tests.py |
||||
@@ -7,6 +7,8 @@ import six |
||||
import re |
||||
import shutil |
||||
import subprocess |
||||
+import time |
||||
+from contextlib import contextmanager |
||||
from distutils.version import LooseVersion |
||||
from itertools import chain |
||||
|
||||
@@ -18,6 +20,21 @@ sb = dbus.SystemBus() |
||||
lvm_dbus_running = any("lvmdbus" in name for name in chain(sb.list_names(), sb.list_activatable_names())) |
||||
|
||||
|
||||
+@contextmanager |
||||
+def wait_for_sync(vg_name, lv_name): |
||||
+ try: |
||||
+ yield |
||||
+ finally: |
||||
+ time.sleep(2) |
||||
+ while True: |
||||
+ ret, out, _err = run_command("LC_ALL=C lvs -o copy_percent --noheadings %s/%s" % (vg_name, lv_name)) |
||||
+ if ret != 0: |
||||
+ break |
||||
+ if int(float(out)) == 100: |
||||
+ break |
||||
+ time.sleep(1) |
||||
+ |
||||
+ |
||||
class LVMTestCase(unittest.TestCase): |
||||
@classmethod |
||||
def setUpClass(cls): |
||||
@@ -801,9 +818,10 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
succ = BlockDev.lvm_lvremove("testVG", "testLV", True, None) |
||||
self.assertTrue(succ) |
||||
|
||||
- # try to create a mirrored LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
- self.assertTrue(succ) |
||||
+ with wait_for_sync("testVG", "testLV"): |
||||
+ # try to create a mirrored LV |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
+ self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
info = BlockDev.lvm_lvinfo("testVG", "testLV") |
||||
@@ -812,9 +830,10 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
succ = BlockDev.lvm_lvremove("testVG", "testLV", True, None) |
||||
self.assertTrue(succ) |
||||
|
||||
- # try to create a raid1 LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
- self.assertTrue(succ) |
||||
+ with wait_for_sync("testVG", "testLV"): |
||||
+ # try to create a raid1 LV |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
+ self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
info = BlockDev.lvm_lvinfo("testVG", "testLV") |
||||
diff --git a/tests/lvm_test.py b/tests/lvm_test.py |
||||
index e349817..12b78ca 100644 |
||||
--- a/tests/lvm_test.py |
||||
+++ b/tests/lvm_test.py |
||||
@@ -7,12 +7,29 @@ import six |
||||
import re |
||||
import shutil |
||||
import subprocess |
||||
+import time |
||||
+from contextlib import contextmanager |
||||
from distutils.version import LooseVersion |
||||
|
||||
from utils import create_sparse_tempfile, create_lio_device, delete_lio_device, fake_utils, fake_path, TestTags, tag_test, run_command, read_file |
||||
from gi.repository import BlockDev, GLib |
||||
|
||||
|
||||
+@contextmanager |
||||
+def wait_for_sync(vg_name, lv_name): |
||||
+ try: |
||||
+ yield |
||||
+ finally: |
||||
+ time.sleep(2) |
||||
+ while True: |
||||
+ info = BlockDev.lvm_lvinfo(vg_name, lv_name) |
||||
+ if not info: |
||||
+ break |
||||
+ if info.copy_percent == 100: |
||||
+ break |
||||
+ time.sleep(1) |
||||
+ |
||||
+ |
||||
class LVMTestCase(unittest.TestCase): |
||||
|
||||
@classmethod |
||||
@@ -737,9 +754,10 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
succ = BlockDev.lvm_lvremove("testVG", "testLV", True, None) |
||||
self.assertTrue(succ) |
||||
|
||||
- # try to create a mirrored LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
- self.assertTrue(succ) |
||||
+ with wait_for_sync("testVG", "testLV"): |
||||
+ # try to create a mirrored LV |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
+ self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
info = BlockDev.lvm_lvinfo("testVG", "testLV") |
||||
@@ -748,9 +766,10 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
succ = BlockDev.lvm_lvremove("testVG", "testLV", True, None) |
||||
self.assertTrue(succ) |
||||
|
||||
- # try to create a raid1 LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
- self.assertTrue(succ) |
||||
+ with wait_for_sync("testVG", "testLV"): |
||||
+ # try to create a raid1 LV |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
+ self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
info = BlockDev.lvm_lvinfo("testVG", "testLV") |
||||
-- |
||||
2.31.1 |
||||
|
||||
|
||||
From 36dbac970bc4a052dbd97f51eb47379036d15b6e Mon Sep 17 00:00:00 2001 |
||||
From: Vojtech Trefny <vtrefny@redhat.com> |
||||
Date: Thu, 16 Dec 2021 12:27:33 +0100 |
||||
Subject: [PATCH 2/2] tests: Make smaller images for test_lvcreate_type |
||||
|
||||
We are now waiting for the initial resync for the RAID/mirror LVs |
||||
which means we are trying to overwrite the entire 1 GB image which |
||||
doesn't fit in /tmp on our CI machines. |
||||
--- |
||||
tests/lvm_dbus_tests.py | 16 +++++++++++----- |
||||
tests/lvm_test.py | 15 ++++++++++----- |
||||
2 files changed, 21 insertions(+), 10 deletions(-) |
||||
|
||||
diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py |
||||
index 5ce653e..723aabb 100644 |
||||
--- a/tests/lvm_dbus_tests.py |
||||
+++ b/tests/lvm_dbus_tests.py |
||||
@@ -313,14 +313,17 @@ class LvmNoDevTestCase(LVMTestCase): |
||||
|
||||
@unittest.skipUnless(lvm_dbus_running, "LVM DBus not running") |
||||
class LvmPVonlyTestCase(LVMTestCase): |
||||
+ |
||||
+ _sparse_size = 1024**3 |
||||
+ |
||||
# :TODO: |
||||
# * test pvmove (must create two PVs, a VG, a VG and some data in it |
||||
# first) |
||||
# * some complex test for pvs, vgs, lvs, pvinfo, vginfo and lvinfo |
||||
def setUp(self): |
||||
self.addCleanup(self._clean_up) |
||||
- self.dev_file = create_sparse_tempfile("lvm_test", 1024**3) |
||||
- self.dev_file2 = create_sparse_tempfile("lvm_test", 1024**3) |
||||
+ self.dev_file = create_sparse_tempfile("lvm_test", self._sparse_size) |
||||
+ self.dev_file2 = create_sparse_tempfile("lvm_test", self._sparse_size) |
||||
try: |
||||
self.loop_dev = create_lio_device(self.dev_file) |
||||
except RuntimeError as e: |
||||
@@ -795,6 +798,9 @@ class LvmTestLVcreateWithExtra(LvmPVVGLVTestCase): |
||||
|
||||
@unittest.skipUnless(lvm_dbus_running, "LVM DBus not running") |
||||
class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
+ |
||||
+ _sparse_size = 200 * 1024**2 |
||||
+ |
||||
def test_lvcreate_type(self): |
||||
"""Verify it's possible to create LVs with various types""" |
||||
|
||||
@@ -808,7 +814,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
self.assertTrue(succ) |
||||
|
||||
# try to create a striped LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "striped", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "striped", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
@@ -820,7 +826,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
|
||||
with wait_for_sync("testVG", "testLV"): |
||||
# try to create a mirrored LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
@@ -832,7 +838,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
|
||||
with wait_for_sync("testVG", "testLV"): |
||||
# try to create a raid1 LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
diff --git a/tests/lvm_test.py b/tests/lvm_test.py |
||||
index 12b78ca..97f6c69 100644 |
||||
--- a/tests/lvm_test.py |
||||
+++ b/tests/lvm_test.py |
||||
@@ -302,14 +302,17 @@ class LvmNoDevTestCase(LVMTestCase): |
||||
BlockDev.lvm_cache_get_mode_from_str("bla") |
||||
|
||||
class LvmPVonlyTestCase(LVMTestCase): |
||||
+ |
||||
+ _sparse_size = 1024**3 |
||||
+ |
||||
# :TODO: |
||||
# * test pvmove (must create two PVs, a VG, a VG and some data in it |
||||
# first) |
||||
# * some complex test for pvs, vgs, lvs, pvinfo, vginfo and lvinfo |
||||
def setUp(self): |
||||
self.addCleanup(self._clean_up) |
||||
- self.dev_file = create_sparse_tempfile("lvm_test", 1024**3) |
||||
- self.dev_file2 = create_sparse_tempfile("lvm_test", 1024**3) |
||||
+ self.dev_file = create_sparse_tempfile("lvm_test", self._sparse_size) |
||||
+ self.dev_file2 = create_sparse_tempfile("lvm_test", self._sparse_size) |
||||
try: |
||||
self.loop_dev = create_lio_device(self.dev_file) |
||||
except RuntimeError as e: |
||||
@@ -731,6 +734,8 @@ class LvmTestLVcreateWithExtra(LvmPVVGLVTestCase): |
||||
self.assertTrue(succ) |
||||
|
||||
class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
+ _sparse_size = 200 * 1024**2 |
||||
+ |
||||
def test_lvcreate_type(self): |
||||
"""Verify it's possible to create LVs with various types""" |
||||
|
||||
@@ -744,7 +749,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
self.assertTrue(succ) |
||||
|
||||
# try to create a striped LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "striped", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "striped", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
@@ -756,7 +761,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
|
||||
with wait_for_sync("testVG", "testLV"): |
||||
# try to create a mirrored LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "mirror", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
@@ -768,7 +773,7 @@ class LvmTestLVcreateType(LvmPVVGLVTestCase): |
||||
|
||||
with wait_for_sync("testVG", "testLV"): |
||||
# try to create a raid1 LV |
||||
- succ = BlockDev.lvm_lvcreate("testVG", "testLV", 512 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
+ succ = BlockDev.lvm_lvcreate("testVG", "testLV", 100 * 1024**2, "raid1", [self.loop_dev, self.loop_dev2], None) |
||||
self.assertTrue(succ) |
||||
|
||||
# verify that the LV has the requested segtype |
||||
-- |
||||
2.31.1 |
||||
|
@ -0,0 +1,15 @@
@@ -0,0 +1,15 @@
|
||||
diff --git a/src/plugins/kbd.c b/src/plugins/kbd.c |
||||
index a2908ec..97abd3b 100644 |
||||
--- a/src/plugins/kbd.c |
||||
+++ b/src/plugins/kbd.c |
||||
@@ -732,6 +732,10 @@ static gboolean wait_for_file (const char *filename) { |
||||
* |
||||
* Tech category: %BD_KBD_TECH_BCACHE-%BD_KBD_TECH_MODE_CREATE |
||||
*/ |
||||
+/* This triggers a known false positive warning in gcc-11. It's being |
||||
+ addressed upstream, but until the fix is available, this works around |
||||
+ the false positive. */ |
||||
+__attribute__ ((optimize ("-O1"))) |
||||
gboolean bd_kbd_bcache_create (const gchar *backing_device, const gchar *cache_device, const BDExtraArg **extra, const gchar **bcache_device, GError **error) { |
||||
const gchar *argv[6] = {"make-bcache", "-B", backing_device, "-C", cache_device, NULL}; |
||||
gboolean success = FALSE; |
Loading…
Reference in new issue