Makefile: Add security compiling option (RELRO, SC, and FORTIFY)

[platform/upstream/cryptsetup.git] / tests / discards-test

#!/bin/bash

[ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".."
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
DEV_NAME="discard-t3st"
DEV=""
PWD1="93R4P4pIqAH8"

CRYPTSETUP_VALGRIND=../.libs/cryptsetup
CRYPTSETUP_LIB_VALGRIND=../.libs

cleanup() {
        [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove --retry $DEV_NAME
        udevadm settle >/dev/null 2>&1
        rmmod scsi_debug >/dev/null 2>&1
        sleep 2
}

fail()
{
        echo "FAILED backtrace:"
        while caller $frame; do ((frame++)); done
        cleanup
        exit 100
}

skip()
{
        [ -n "$1" ] && echo "$1"
        exit 77
}

function valgrind_setup()
{
        command -v valgrind >/dev/null || fail "Cannot find valgrind."
        [ ! -f $CRYPTSETUP_VALGRIND ] && fail "Unable to get location of cryptsetup executable."
        export LD_LIBRARY_PATH="$CRYPTSETUP_LIB_VALGRIND:$LD_LIBRARY_PATH"
}

function valgrind_run()
{
        INFOSTRING="$(basename ${BASH_SOURCE[1]})-line-${BASH_LINENO[0]}" ./valg.sh ${CRYPTSETUP_VALGRIND} "$@"
}

add_device() {
        rmmod scsi_debug >/dev/null 2>&1
        if [ -d /sys/module/scsi_debug ] ; then
                echo "Cannot use scsi_debug module (in use or compiled-in), test skipped."
                exit 77
        fi
        modprobe scsi_debug $@ delay=0 >/dev/null 2>&1
        if [ $? -ne 0 ] ; then
                echo "This kernel seems to not support proper scsi_debug module, test skipped."
                exit 77
        fi

        sleep 2
        DEV=$(grep -l -e scsi_debug /sys/block/*/device/model | cut -f4 -d /)

        DEV="/dev/$DEV"
        [ -b $DEV ] || fail "Cannot find $DEV."
}

function check_version()
{
        VER_STR=$(dmsetup targets | grep crypt | cut -f 2 -dv)
        [ -z "$VER_STR" ] && fail "Failed to parse dm-crypt version."

        VER_MAJ=$(echo $VER_STR | cut -f 1 -d.)
        VER_MIN=$(echo $VER_STR | cut -f 2 -d.)

        # option supported in 1.11
        test $VER_MAJ -gt 1 && return 0
        test $VER_MIN -ge 11 && return 0
        return 1
}

[ ! -x "$CRYPTSETUP" ] && skip "Cannot find $CRYPTSETUP, test skipped."
[ -n "$VALG" ] && valgrind_setup && CRYPTSETUP=valgrind_run
if [ $(id -u) != 0 ]; then
        echo "WARNING: You must be root to run this test, test skipped."
        exit 77
fi

modprobe dm-crypt >/dev/null 2>&1
if ! check_version ; then
        echo "Probably old kernel, test skipped."
        exit 77
fi

add_device dev_size_mb=16 sector_size=512 num_tgts=1 lbpu=1

# FIXME test hash of device (unmap -> zero)
# for now just check that flag is enabled

echo "[1] Allowing discards for LUKS device"
echo $PWD1 | $CRYPTSETUP luksFormat --type luks1 $DEV -q -i1 || fail
echo $PWD1 | $CRYPTSETUP luksOpen $DEV $DEV_NAME --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
$CRYPTSETUP resize $DEV_NAME --size 100 || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
dmsetup table $DEV_NAME | grep allow_discards >/dev/null || fail
$CRYPTSETUP luksClose $DEV_NAME || fail

echo "[2] Allowing discards for plain device"
echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha256 --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
$CRYPTSETUP resize $DEV_NAME --size 100 || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
dmsetup table $DEV_NAME | grep allow_discards >/dev/null || fail
$CRYPTSETUP remove $DEV_NAME || fail

cleanup