"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/tests/integrity-compat-test" (13 Jan 2022, 18203 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "integrity-compat-test": 2.4.0_vs_2.4.1.

    1 #!/bin/bash
    2 #
    3 # Test integritysetup compatibility.
    4 #
    5 [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
    6 INTSETUP=$CRYPTSETUP_PATH/integritysetup
    7 
    8 INTSETUP_VALGRIND=../.libs/integritysetup
    9 INTSETUP_LIB_VALGRIND=../.libs
   10 
   11 DEV_NAME=dmc_test
   12 DEV_NAME2=dmc_fake
   13 DEV_LOOP=""
   14 DEV=test123.img
   15 DEV2=test124.img
   16 KEY_FILE=key.img
   17 KEY_FILE2=key2.img
   18 
   19 dmremove() { # device
   20     udevadm settle >/dev/null 2>&1
   21     dmsetup remove --retry $1 >/dev/null 2>&1
   22 }
   23 
   24 cleanup() {
   25     [ -b /dev/mapper/$DEV_NAME ] && dmremove $DEV_NAME
   26     [ -b /dev/mapper/$DEV_NAME2 ] && dmremove $DEV_NAME2
   27     [ -n "$DEV_LOOP" ] && losetup -d "$DEV_LOOP"
   28     DEV_LOOP=""
   29     rm -f $DEV $DEV2 $KEY_FILE $KEY_FILE2 >/dev/null 2>&1
   30 }
   31 
   32 fail()
   33 {
   34     [ -n "$1" ] && echo "$1"
   35     echo "FAILED backtrace:"
   36     while caller $frame; do ((frame++)); done
   37     cleanup
   38     exit 100
   39 }
   40 
   41 skip()
   42 {
   43     [ -n "$1" ] && echo "$1"
   44     exit 77
   45 }
   46 
   47 function dm_integrity_features()
   48 {
   49     VER_STR=$(dmsetup targets | grep integrity | cut -f2 -dv)
   50     [ -z "$VER_STR" ] && skip "Cannot find dm-integrity target, test skipped."
   51 
   52     VER_MAJ=$(echo $VER_STR | cut -f 1 -d.)
   53     VER_MIN=$(echo $VER_STR | cut -f 2 -d.)
   54     VER_PTC=$(echo $VER_STR | cut -f 3 -d.)
   55 
   56     [ $VER_MAJ -lt 1 ] && return
   57     [ $VER_MIN -gt 1 ] && {
   58         DM_INTEGRITY_META=1
   59         DM_INTEGRITY_RECALC=1
   60     }
   61     [ $VER_MIN -gt 2 ] && {
   62         DM_INTEGRITY_BITMAP=1
   63     }
   64     [ $VER_MIN -gt 6 ] && {
   65         DM_INTEGRITY_HMAC_FIX=1
   66     }
   67     [ $VER_MIN -gt 7 ] && {
   68         DM_INTEGRITY_RESET=1
   69     }
   70 }
   71 
   72 add_device() {
   73     cleanup
   74     dd if=/dev/urandom of=$KEY_FILE bs=4096 count=1 >/dev/null 2>&1
   75     dd if=/dev/urandom of=$KEY_FILE2 bs=1 count=32 >/dev/null 2>&1
   76     dd if=/dev/zero of=$DEV bs=1M count=32 >/dev/null 2>&1
   77     dd if=/dev/zero of=$DEV2 bs=1M count=32 >/dev/null 2>&1
   78     sync
   79 }
   80 
   81 status_check() # name value
   82 {
   83     X=$($INTSETUP status $DEV_NAME | grep "$1" | sed 's/.*: //' | sed 's/^[[:space:]]*//')
   84     if [ "$X" != "$2" ] ; then
   85         echo "[status FAIL]"
   86         echo " Expecting $1:$2 got \"$X\"."
   87         fail
   88     fi
   89 }
   90 
   91 dump_check() # name value
   92 {
   93     X=$($INTSETUP dump $DEV | grep "$1" | cut -d' '  -f 2)
   94     if [ "$X" != "$2" ] ; then
   95         echo "[dump FAIL]"
   96         echo " Expecting $1:$2 got \"$X\"."
   97         fail
   98     fi
   99 }
  100 
  101 kernel_param_check() # number value
  102 {
  103     X=$(dmsetup table $DEV_NAME | cut -d " " -f $1)
  104     if [ "$X" != $2 ] ; then
  105         echo "[param_check FAIL]"
  106         echo "Expecting $2 got \"$X\"."
  107         fail
  108     fi
  109 }
  110 
  111 function valgrind_setup()
  112 {
  113     which valgrind >/dev/null 2>&1 || fail "Cannot find valgrind."
  114     [ ! -f $INTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
  115     export LD_LIBRARY_PATH="$INTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
  116 }
  117 
  118 function valgrind_run()
  119 {
  120     INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${INTSETUP_VALGRIND} "$@"
  121 }
  122 
  123 int_check_sum_only() # checksum
  124 {
  125     VSUM=$(sha256sum /dev/mapper/$DEV_NAME | cut -d' ' -f 1)
  126     if [ "$VSUM" = "$1" ] ; then
  127         echo -n "[CHECKSUM OK]"
  128     else
  129         echo "[FAIL]"
  130         echo " Expecting $1 got $VSUM."
  131         fail
  132     fi
  133 }
  134 
  135 int_check_sum() # alg checksum [keyfile keysize]
  136 {
  137     if [ -n "$4" ] ; then
  138         KEY_PARAMS="--integrity-key-file $3 --integrity-key-size $4"
  139     else
  140         KEY_PARAMS=""
  141     fi
  142 
  143     # Fill device with zeroes and reopen it
  144     dd if=/dev/zero of=/dev/mapper/$DEV_NAME bs=1M oflag=direct >/dev/null 2>&1
  145     dmremove $DEV_NAME
  146 
  147     $INTSETUP open $DEV $DEV_NAME --integrity $1 $KEY_PARAMS || fail "Cannot activate device."
  148 
  149     int_check_sum_only $2
  150 }
  151 
  152 intformat() # alg alg_out tagsize outtagsize sector_size csum [keyfile keysize]
  153 {
  154     if [ -n "$8" ] ; then
  155         KEY_PARAMS="--integrity-key-file $7 --integrity-key-size $8"
  156     else
  157         KEY_PARAMS=""
  158     fi
  159 
  160     if [ $3 -ne 0 ] ; then
  161         TAG_PARAMS="--tag-size $3"
  162     else
  163         TAG_PARAMS=""
  164     fi
  165 
  166     echo -n "[INTEGRITY:$2:$4:$5]"
  167     [ -n "$8" ] && echo -n "[KEYFILE:$8]"
  168     echo -n "[FORMAT]"
  169     $INTSETUP format --integrity-legacy-padding -q --integrity $1 $TAG_PARAMS --sector-size $5 $KEY_PARAMS $DEV >/dev/null 2>&1
  170     if [ $? -ne 0 ] ; then
  171         if [[ $1 =~ "sha" || $1 =~ "crc" ]] ; then
  172             fail "Cannot format device."
  173         fi
  174         echo "[N/A]"
  175         return
  176     fi
  177 
  178     dump_check "tag_size" $4
  179     dump_check "sector_size" $5
  180     echo -n "[ACTIVATE]"
  181     $INTSETUP open $DEV $DEV_NAME --integrity $1 $KEY_PARAMS || fail "Cannot activate device."
  182     if [ -n "$8" ]; then
  183         KEY_HEX=$(xxd -c 4096 -l $8 -p $7)
  184         [ -z "$KEY_HEX" ] && fail "Cannot decode key."
  185         dmsetup table --showkeys $DEV_NAME | grep -q $KEY_HEX || fail "Key mismatch."
  186     fi
  187     status_check "tag size" $4
  188     status_check "integrity" $2
  189     status_check "sector size" "$5 bytes"
  190     int_check_sum $1 $6 $7 $8
  191     echo -n "[REMOVE]"
  192     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  193     echo "[OK]"
  194 }
  195 
  196 int_error_detection() # mode alg tagsize outtagsize sector_size key_file key_size
  197 {
  198     if [ "$1" == "B" ] ; then
  199         INT_MODE="-B"
  200     else
  201         INT_MODE=""
  202     fi
  203     if [ -n "$7" ] ; then
  204         KEY_PARAMS="--integrity-key-file $6 --integrity-key-size $7"
  205     else
  206         KEY_PARAMS=""
  207     fi
  208     if [ $3 -ne 0 ] ; then
  209         TAG_PARAMS="--tag-size $3"
  210     else
  211         TAG_PARAMS=""
  212     fi
  213     dd if=/dev/zero of=$DEV bs=1M count=32 >/dev/null 2>&1
  214 
  215     echo -n "[INTEGRITY:$1:$2:$4:$5]"
  216     echo -n "[FORMAT]"
  217     $INTSETUP format -q --integrity $2 $TAG_PARAMS --sector-size $5 $KEY_PARAMS $DEV $INT_MODE >/dev/null || fail "Cannot format device."
  218     echo -n "[ACTIVATE]"
  219     $INTSETUP open $DEV $DEV_NAME --integrity $2 --integrity-no-journal $KEY_PARAMS $INT_MODE || fail "Cannot activate device."
  220 
  221     if [ -n "$6" -a -n "$7" ]; then
  222         echo -n "[KEYED HASH]"
  223         KEY_HEX=$(xxd -c 256 -l $7 -p $6)
  224         [ -z "$KEY_HEX" ] && fail "Cannot decode key."
  225         dmsetup table --showkeys $DEV_NAME | grep -q $KEY_HEX || fail "Key mismatch."
  226     fi
  227 
  228     echo -n "[WRITE DATA]"
  229     echo -n "EXAMPLE TEXT" | dd of=/dev/mapper/$DEV_NAME >/dev/null 2>&1 || fail "Cannot write to device."
  230     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  231 
  232     # find offset of data area
  233     ARR=($(dd if=$DEV bs=512 2>/dev/null | hexdump -C | grep 'EXAMPLE TEXT'))
  234     OFF_HEX=${ARR[0]}
  235     OFF_DEC=$((16#$OFF_HEX))
  236 
  237     echo -n "[CORRUPT DATA:$OFF_DEC]"
  238     echo -n "Z" | dd of=$DEV bs=1 seek=$OFF_DEC conv=notrunc >/dev/null 2>&1 || fail "Cannot write to device."
  239 
  240     echo -n "[DETECT ERROR]"
  241     $INTSETUP open $DEV $DEV_NAME --integrity $2 $KEY_PARAMS $INT_MODE || fail "Cannot activate device."
  242     dd if=/dev/mapper/$DEV_NAME  >/dev/null 2>&1 && fail "Error detection failed."
  243     echo -n "[REMOVE]"
  244     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  245     echo "[OK]"
  246 }
  247 
  248 int_journal() # 1 alg, 2 tagsize, 3 sector_size, 4 watermark, 5 commit_time, 6 journal_integrity, 7 key-file, 8 key-size, 9 journal_integrity_out
  249 {
  250     echo -n "[INTEGRITY JOURNAL:$6:${4}%:${5}ms:$8]"
  251     echo -n "[FORMAT]"
  252     ARGS="--integrity $1 --journal-watermark $4 --journal-commit-time $5 --journal-integrity $6 --journal-integrity-key-file $7 --journal-integrity-key-size $8"
  253     $INTSETUP format -q --tag-size $2 --sector-size $3 $ARGS $DEV || fail "Cannot format device."
  254 
  255     echo -n "[ACTIVATE]"
  256 
  257     $INTSETUP open $DEV $DEV_NAME $ARGS || fail "Cannot activate device."
  258 
  259     echo -n "[KEYED HASH]"
  260     KEY_HEX=$(xxd -c 4096 -l $8 -p $7)
  261     [ -z "$KEY_HEX" ] && fail "Cannot decode key."
  262     dmsetup table --showkeys $DEV_NAME | grep -q $KEY_HEX || fail "Key mismatch."
  263 
  264     status_check "journal watermark" "${4}%"
  265     status_check "journal commit time" "${5} ms"
  266     status_check "journal integrity MAC" $9
  267 
  268     echo -n "[REMOVE]"
  269     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  270     echo "[OK]"
  271 }
  272 
  273 
  274 int_journal_crypt() # crypt_alg crypt_alg_kernel crypt_key crypt_key_size
  275 {
  276     echo -n "[JOURNAL CRYPT:$1:${4}B]"
  277 
  278     echo -n "[FORMAT]"
  279     ARGS="--journal-crypt $1 --journal-crypt-key-file $3 --journal-crypt-key-size $4"
  280     $INTSETUP format -q $ARGS $DEV || fail "Cannot format device."
  281 
  282     echo -n "[ACTIVATE]"
  283     $INTSETUP open $DEV $DEV_NAME $ARGS || fail "Cannot activate device."
  284 
  285     KEY_HEX=$(xxd -c 256 -l $4 -p $3)
  286     [ -z "$KEY_HEX" ] && fail "Cannot decode key."
  287     dmsetup table --showkeys $DEV_NAME | grep -q "journal_crypt:$2:$KEY_HEX" || fail "Key mismatch."
  288 
  289     $INTSETUP close $DEV_NAME
  290     echo "[OK]"
  291 }
  292 
  293 int_mode() # alg tag_size sector_size [keyfile keysize]
  294 {
  295     if [ -n "$5" ] ; then
  296         KEY_PARAMS="--integrity-key-file $4 --integrity-key-size $5"
  297     else
  298         KEY_PARAMS=""
  299     fi
  300 
  301     echo -n "[MODE TESTS:$1:$2:$3]"
  302     ARGS="--tag-size $2 --sector-size $3"
  303 
  304     $INTSETUP format -q $ARGS $KEY_PARAMS $DEV --integrity $1 || fail "Cannot format device."
  305 
  306     echo -n "[JOURNALED WRITES]"
  307     $INTSETUP open $DEV $DEV_NAME --integrity $1 $KEY_PARAMS || fail "Cannot activate device with journal."
  308     status_check "mode" "read/write"
  309     kernel_param_check 7 "J"
  310 
  311     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  312 
  313     echo -n "[DIRECT WRITES]"
  314     $INTSETUP open $DEV $DEV_NAME --integrity $1 $KEY_PARAMS --integrity-no-journal || fail "Cannot activate device without journal."
  315     status_check "mode" "read/write"
  316     status_check "journal" "not active"
  317     kernel_param_check 7 "D"
  318 
  319     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  320 
  321     echo -n "[RECOVERY MODE]"
  322     $INTSETUP open $DEV $DEV_NAME --integrity $1 $KEY_PARAMS --integrity-recovery-mode || fail "Cannot activate device in recovery mode."
  323     status_check "mode" "read/write recovery"
  324     kernel_param_check 7 "R"
  325 
  326     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  327 
  328     echo "[OK]"
  329 }
  330 
  331 [ $(id -u) != 0 ] && skip "WARNING: You must be root to run this test, test skipped."
  332 [ ! -x "$INTSETUP" ] && skip "Cannot find $INTSETUP, test skipped."
  333 which blockdev >/dev/null || skip "Cannot find blockdev utility, test skipped."
  334 
  335 [ -n "$VALG" ] && valgrind_setup && INTSETUP=valgrind_run
  336 which hexdump >/dev/null 2>&1 || skip "WARNING: hexdump tool required."
  337 which xxd >/dev/null 2>&1 || skip "WARNING: xxd tool required."
  338 modprobe dm-integrity >/dev/null 2>&1
  339 dm_integrity_features
  340 
  341 add_device
  342 intformat blake2s-256 blake2s-256    32 32  512 8e5fe4119558e117bfc40e3b0f13ade3abe497b52604d4c7cca0cfd6c7f4cf11
  343 intformat blake2b-256 blake2b-256    32 32  512 8e5fe4119558e117bfc40e3b0f13ade3abe497b52604d4c7cca0cfd6c7f4cf11
  344 intformat crc32c      crc32c          0  4  512 08f63eb27fb9ce2ce903b0a56429c68ce5e209253ba42154841ef045a53839d7
  345 intformat crc32       crc32           0  4  512 08f63eb27fb9ce2ce903b0a56429c68ce5e209253ba42154841ef045a53839d7
  346 intformat sha1        sha1            0 20  512 6eedd6344dab8875cd185fcd6565dfc869ab36bc57e577f40c685290b1fa7fe7
  347 intformat sha1        sha1           16 16 4096 e152ec88227b539cd9cafd8bdb587a1072d720cd6bcebe1398d4136c9e7f337b
  348 intformat sha256      sha256          0 32  512 8e5fe4119558e117bfc40e3b0f13ade3abe497b52604d4c7cca0cfd6c7f4cf11
  349 intformat hmac-sha256 hmac\(sha256\)  0 32  512 8e5fe4119558e117bfc40e3b0f13ade3abe497b52604d4c7cca0cfd6c7f4cf11 $KEY_FILE 32
  350 intformat sha256      sha256          0 32 4096 33f7dfa5163ca9f740383fb8b0919574e38a7b20a94a4170fde4238196b7c4b4
  351 intformat hmac-sha256 hmac\(sha256\)  0 32 4096 33f7dfa5163ca9f740383fb8b0919574e38a7b20a94a4170fde4238196b7c4b4 $KEY_FILE 32
  352 intformat hmac-sha256 hmac\(sha256\)  0 32 4096 33f7dfa5163ca9f740383fb8b0919574e38a7b20a94a4170fde4238196b7c4b4 $KEY_FILE 4096
  353 
  354 echo "Error detection tests:"
  355 int_error_detection J crc32c  0  4  512
  356 int_error_detection J crc32c  0  4  4096
  357 int_error_detection J crc32   0  4  512
  358 int_error_detection J crc32   0  4  4096
  359 int_error_detection J sha1    0 20 512
  360 int_error_detection J sha1   16 16 512
  361 int_error_detection J sha1    0 20 4096
  362 int_error_detection J sha256  0 32 512
  363 int_error_detection J sha256  0 32 4096
  364 
  365 which xxd >/dev/null 2>&1 || skip "WARNING: xxd tool required."
  366 int_error_detection J hmac-sha256  0 32 512 $KEY_FILE 32
  367 int_error_detection J hmac-sha256  0 32 4096 $KEY_FILE 32
  368 
  369 echo "Journal parameters tests:"
  370 # Watermark is calculated in kernel, so it can be rounded down/up
  371 int_journal crc32  4  512  66 1000 hmac-sha256 $KEY_FILE 32 hmac\(sha256\)
  372 int_journal sha256 32 4096 34 5000 hmac-sha1   $KEY_FILE 16 hmac\(sha1\)
  373 int_journal sha1   20 512  75 9999 hmac-sha256 $KEY_FILE 32 hmac\(sha256\)
  374 int_journal sha1   20 512  75 9999 hmac-sha256 $KEY_FILE 4096 hmac\(sha256\)
  375 
  376 echo "Journal encryption tests:"
  377 int_journal_crypt cbc-aes cbc\(aes\) $KEY_FILE 32
  378 int_journal_crypt cbc-aes cbc\(aes\) $KEY_FILE 16
  379 int_journal_crypt ctr-aes ctr\(aes\) $KEY_FILE 32
  380 int_journal_crypt ctr-aes ctr\(aes\) $KEY_FILE 16
  381 
  382 echo "Mode tests:"
  383 int_mode crc32c      4  512
  384 int_mode crc32       4  512
  385 int_mode sha1        20 512
  386 int_mode sha256      32 512
  387 int_mode hmac-sha256 32 512  $KEY_FILE 32
  388 int_mode hmac-sha256 32 4096 $KEY_FILE 32
  389 
  390 echo -n "Recalculate tags in-kernel:"
  391 add_device
  392 if [ -n "$DM_INTEGRITY_RECALC" ] ; then
  393     $INTSETUP format -q $DEV --no-wipe || fail "Cannot format device."
  394     $INTSETUP open $DEV $DEV_NAME --integrity-recalculate || fail "Cannot activate device."
  395     dd if=/dev/mapper/$DEV_NAME of=/dev/null bs=1M 2>/dev/null || fail "Cannot recalculate tags in-kernel"
  396     int_check_sum_only 08f63eb27fb9ce2ce903b0a56429c68ce5e209253ba42154841ef045a53839d7
  397     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  398     echo -n "[OK]"
  399     if [ -n "$DM_INTEGRITY_RESET" ] ; then
  400         $INTSETUP open $DEV $DEV_NAME -I sha256 --integrity-recalculate-reset || fail "Cannot activate device."
  401         dd if=/dev/mapper/$DEV_NAME of=/dev/null bs=1M 2>/dev/null || fail "Cannot reset recalculate tags in-kernel"
  402         int_check_sum_only 08f63eb27fb9ce2ce903b0a56429c68ce5e209253ba42154841ef045a53839d7
  403         $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  404         echo "[RESET OK]"
  405     else
  406         echo "[RESET N/A]"
  407     fi
  408 else
  409     echo "[N/A]"
  410 fi
  411 
  412 echo -n "Separate metadata device:"
  413 if [ -n "$DM_INTEGRITY_META" ] ; then
  414     add_device
  415     $INTSETUP format -q $DEV --data-device $DEV2 || fail "Cannot format device."
  416     $INTSETUP open $DEV --data-device $DEV2 $DEV_NAME || fail "Cannot activate device."
  417     int_check_sum_only 83ee47245398adee79bd9c0a8bc57b821e92aba10f5f9ade8a5d1fae4d8c4302
  418     $INTSETUP status $DEV_NAME | grep -q 'metadata device:' || fail
  419     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  420     echo "[OK]"
  421 else
  422     echo "[N/A]"
  423 fi
  424 
  425 echo -n "Bitmap mode parameters:"
  426 if [ -n "$DM_INTEGRITY_BITMAP" ] ; then
  427     add_device
  428     $INTSETUP format -q $DEV --integrity-bitmap-mode $DEV2 || fail "Cannot format device."
  429     $INTSETUP open $DEV --integrity-bitmap-mode --bitmap-sectors-per-bit 65536 --bitmap-flush-time 5000 $DEV_NAME || fail "Cannot activate device."
  430     $INTSETUP status $DEV_NAME | grep -q 'bitmap 512-byte sectors per bit: 65536' || fail
  431     $INTSETUP status $DEV_NAME | grep -q 'bitmap flush interval: 5000 ms' || fail
  432     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  433     echo "[OK]"
  434     echo "Bitmap error detection tests:"
  435     int_error_detection B crc32c      0  4 512
  436     int_error_detection B crc32c      0  4 4096
  437     int_error_detection B sha256      0 32 512
  438     int_error_detection B sha256      0 32 4096
  439     int_error_detection B hmac-sha256 0 32 512 $KEY_FILE 32
  440     int_error_detection B hmac-sha256 0 32 4096 $KEY_FILE 32
  441 else
  442     echo "[N/A]"
  443 fi
  444 
  445 echo -n "Big device:"
  446 add_device
  447 DEV_LOOP=$(losetup -f $DEV --show)
  448 if [ -n "$DEV_LOOP" ] ; then
  449 dmsetup create $DEV_NAME2 <<EOF
  450 0 16284 linear $DEV_LOOP 0
  451 16284 80000000000 zero
  452 EOF
  453     [ ! -b /dev/mapper/$DEV_NAME2 ] && fail
  454     $INTSETUP format -q -s 512 --no-wipe /dev/mapper/$DEV_NAME2
  455     $INTSETUP open /dev/mapper/$DEV_NAME2 $DEV_NAME || fail
  456     D_SIZE=$($INTSETUP dump /dev/mapper/$DEV_NAME2 | grep provided_data_sectors | sed -e 's/.*provided_data_sectors\ \+//g')
  457     A_SIZE=$(blockdev --getsz /dev/mapper/$DEV_NAME)
  458     # Compare strings (to avoid 64bit integers), not integers
  459     [ -n "$A_SIZE" -a "$D_SIZE" != "$A_SIZE" ] && fail
  460     echo "[OK]"
  461 else
  462     echo "[N/A]"
  463 fi
  464 
  465 echo -n "Deferred removal of device:"
  466 add_device
  467 $INTSETUP format -q $DEV || fail "Cannot format device."
  468 $INTSETUP open $DEV $DEV_NAME || fail "Cannot activate device."
  469 dmsetup create $DEV_NAME2 --table "0 8 linear /dev/mapper/$DEV_NAME 0"
  470 [ ! -b /dev/mapper/$DEV_NAME2 ] && fail
  471 $INTSETUP close $DEV_NAME >/dev/null 2>&1 && fail
  472 $INTSETUP -q status $DEV_NAME >/dev/null 2>&1 || fail
  473 $INTSETUP close --deferred $DEV_NAME >/dev/null 2>&1
  474 if [ $? -eq 0 ] ; then
  475     dmsetup info $DEV_NAME | grep -q "DEFERRED REMOVE" || fail
  476     $INTSETUP close --cancel-deferred $DEV_NAME >/dev/null 2>&1
  477     dmsetup info $DEV_NAME | grep -q "DEFERRED REMOVE" >/dev/null 2>&1 && fail
  478     $INTSETUP close --deferred $DEV_NAME >/dev/null 2>&1
  479     dmsetup remove $DEV_NAME2 || fail
  480     $INTSETUP -q status $DEV_NAME >/dev/null 2>&1 && fail
  481     echo "[OK]"
  482 else
  483     dmsetup remove $DEV_NAME2 >/dev/null 2>&1
  484     $INTSETUP close $DEV_NAME >/dev/null 2>&1
  485     echo "[N/A]"
  486 fi
  487 
  488 echo -n "Fixed HMAC and legacy flags:"
  489 if [ -n "$DM_INTEGRITY_HMAC_FIX" ] ; then
  490     add_device
  491     # only data HMAC
  492     ARGS="--integrity hmac-sha256 --integrity-key-file $KEY_FILE --integrity-key-size 32"
  493     $INTSETUP format -q $DEV --integrity-legacy-hmac --no-wipe --tag-size 32 $ARGS || fail "Cannot format device."
  494     $INTSETUP open $DEV $DEV_NAME --integrity-recalculate $ARGS >/dev/null 2>&1 && fail "Cannot activate device."
  495     $INTSETUP open $DEV $DEV_NAME --integrity-legacy-recalculate $ARGS || fail "Cannot activate device."
  496     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  497     # New version - must fail (no journal HMAC)
  498     $INTSETUP format -q $DEV --no-wipe --tag-size 32 $ARGS || fail "Cannot format device."
  499     $INTSETUP open $DEV $DEV_NAME --integrity-recalculate $ARGS  >/dev/null 2>&1 && fail "Cannot activate device."
  500     $INTSETUP open $DEV $DEV_NAME --integrity-legacy-recalculate $ARGS || fail "Cannot activate device."
  501     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  502 
  503     # data and journal HMAC
  504     ARGS="$ARGS --journal-integrity hmac-sha256 --journal-integrity-key-file $KEY_FILE2 --journal-integrity-key-size 32"
  505     $INTSETUP format -q $DEV --integrity-legacy-hmac --no-wipe --tag-size 32 $ARGS || fail "Cannot format device."
  506     $INTSETUP open $DEV $DEV_NAME --integrity-recalculate $ARGS >/dev/null 2>&1 && fail "Cannot activate device."
  507     $INTSETUP open $DEV $DEV_NAME --integrity-legacy-recalculate $ARGS || fail "Cannot activate device."
  508     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  509     # New fixed version
  510     $INTSETUP format -q $DEV --no-wipe --tag-size 32 $ARGS || fail "Cannot format device."
  511     $INTSETUP dump $DEV | grep "flags" | grep -q "fix_hmac" || fail "Flag for HMAC not set."
  512     $INTSETUP open $DEV $DEV_NAME --integrity-recalculate $ARGS || fail "Cannot activate device."
  513     $INTSETUP close $DEV_NAME || fail "Cannot deactivate device."
  514     echo "[OK]"
  515 else
  516     echo "[N/A]"
  517 fi
  518 
  519 cleanup