tests: add LUKS-on-LVM test

Create a new (fake) Fedora disk image with two partitions. /dev/sda1 is the boot partition as usual, /dev/sda2 is used as an LVM PV. The VG has four LVs, Root and LV1 through LV3. Each LV holds a LUKS device (with a different key). Each decrypted LUKS device holds an ext2 filesystem, with "/dev/mapper/Root-luks" holding the root filesystem. Each filesystem has a dedicated label (ROOT, LV1, LV2, LV3). In the test case, run guestfish in inspector mode, twice. In the first invocation, provide the LUKS passphrases by LV name. Also specific to the first invocation, fetch the LUKS UUIDs by LV name. In the second invocation, provide the LUKS passphrases by UUID. In both invocations, after decryption, check the filesystem labels, the /dev/mapper/* names generated for the decrypted LUKS block devices, and the existence of "/etc/fedora-release" on the root filesystem. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20220223162120.16729-3-lersek@redhat.com> Acked-by: Richard W.M. Jones <rjones@redhat.com>
2026-03-21 22:53:37 +00:00 · 2022-02-23 17:21:19 +01:00
parent 39a5bb6fda
commit 3221133140
6 changed files with 185 additions and 0 deletions
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,6 +49,7 @@ disk_images = \
 	fedora-md1.img \
 	fedora-md2.img \
 	fedora-btrfs.img \
+	fedora-luks-on-lvm.img \
 	fedora-lvm-on-luks.img \
 	ubuntu.img \
 	archlinux.img \
@@ -96,6 +97,12 @@ fedora-btrfs.img: make-fedora-img.pl \
 		fedora.db
 	SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<

+# Make a (dummy) Fedora image with LUKS-on-LVM.
+fedora-luks-on-lvm.img: make-fedora-img.pl \
+		fedora-journal.tar.xz \
+		fedora.db
+	SRCDIR=$(srcdir) LAYOUT=luks-on-lvm $(top_builddir)/run --test ./$<
+
 # Make a (dummy) Fedora image with LVM-on-LUKS.
 fedora-lvm-on-luks.img: make-fedora-img.pl \
 		fedora-journal.tar.xz \
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -183,6 +183,24 @@
    </devices>
  </domain>

+  <!-- LUKS passwords are 'FEDORA-Root', 'FEDORA-LV1', 'FEDORA-LV2',
+       'FEDORA-LV3' -->
+  <domain type='test'>
+    <name>fedora-luks-on-lvm</name>
+    <memory>1048576</memory>
+    <os>
+      <type>hvm</type>
+      <boot dev='hd'/>
+    </os>
+    <devices>
+      <disk type='file' device='disk'>
+        <driver name='qemu' type='raw'/>
+        <source file='@abs_builddir@/fedora-luks-on-lvm.img'/>
+        <target dev='vda' bus='virtio'/>
+      </disk>
+    </devices>
+  </domain>
+
  <!-- LUKS password is 'FEDORA' -->
  <domain type='test'>
    <name>fedora-lvm-on-luks</name>
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -200,6 +200,60 @@ EOF
    init_lvm_root ('/dev/mapper/luks');
 }

+elsif ($ENV{LAYOUT} eq 'luks-on-lvm') {
+    push (@images, "fedora-luks-on-lvm.img-t");
+
+    open (my $fstab, '>', "fedora.fstab") or die;
+    print $fstab <<EOF;
+LABEL=BOOT /boot ext2 default 0 0
+LABEL=ROOT / ext2 default 0 0
+EOF
+    close ($fstab) or die;
+
+    $bootdev = '/dev/sda1';
+
+    $g->disk_create ("fedora-luks-on-lvm.img-t", "raw", $IMAGE_SIZE);
+
+    $g->add_drive ("fedora-luks-on-lvm.img-t", format => "raw");
+    $g->launch ();
+
+    $g->part_init ('/dev/sda', 'mbr');
+    foreach my $p (@PARTITIONS) {
+        $g->part_add('/dev/sda', @$p);
+    }
+
+    # Create the Volume Group on /dev/sda2.
+    $g->pvcreate ('/dev/sda2');
+    $g->vgcreate ('VG', ['/dev/sda2']);
+    $g->lvcreate ('Root', 'VG', 32);
+    $g->lvcreate ('LV1',  'VG', 32);
+    $g->lvcreate ('LV2',  'VG', 32);
+    $g->lvcreate ('LV3',  'VG', 64);
+
+    # Format each Logical Group as a LUKS device, with a different password.
+    $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
+    $g->luks_format ('/dev/VG/LV1',  'FEDORA-LV1',  0);
+    $g->luks_format ('/dev/VG/LV2',  'FEDORA-LV2',  0);
+    $g->luks_format ('/dev/VG/LV3',  'FEDORA-LV3',  0);
+
+    # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
+    $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks');
+    $g->cryptsetup_open ('/dev/VG/LV1',  'FEDORA-LV1',  'LV1-luks');
+    $g->cryptsetup_open ('/dev/VG/LV2',  'FEDORA-LV2',  'LV2-luks');
+    $g->cryptsetup_open ('/dev/VG/LV3',  'FEDORA-LV3',  'LV3-luks');
+
+    # Phony root filesystem.
+    $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT');
+    $g->set_uuid ('/dev/mapper/Root-luks', '01234567-0123-0123-0123-012345678902');
+
+    # Other filesystems, just for testing findfs-label.
+    $g->mkfs ('ext2', '/dev/mapper/LV1-luks', blocksize => 4096, label => 'LV1');
+    $g->mkfs ('ext2', '/dev/mapper/LV2-luks', blocksize => 1024, label => 'LV2');
+    $g->mkfs ('ext2', '/dev/mapper/LV3-luks', blocksize => 2048, label => 'LV3');
+
+    $g->mount ('/dev/mapper/Root-luks', '/');
+}
+
 else {
    print STDERR "$0: Unknown LAYOUT: ",$ENV{LAYOUT},"\n";
    exit 1;