[Libguestfs] [guestfs-tools PATCH 3/3] inspector: add LUKS-on-LVM test

Laszlo Ersek lersek at redhat.com
Wed Feb 23 16:22:15 UTC 2022 

Port libguestfs patch 'tests: add LUKS-on-LVM test' to virt-inspector.

(This patch is best formatted with "--find-copies-harder".)

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
 inspector/Makefile.am                                                                |  5 +-
 test-data/phony-guests/Makefile.am                                                   |  7 +++
 .gitignore                                                                           |  1 +
 inspector/{expected-fedora.img.xml => expected-fedora-luks-on-lvm.img.xml}           |  6 +--
 inspector/{test-virt-inspector-lvm-on-luks.sh => test-virt-inspector-luks-on-lvm.sh} | 15 ++++--
 test-data/phony-guests/guests.xml.in                                                 | 18 +++++++
 test-data/phony-guests/make-fedora-img.pl                                            | 54 ++++++++++++++++++++
 7 files changed, 97 insertions(+), 9 deletions(-)

diff --git a/inspector/Makefile.am b/inspector/Makefile.am
index 961498e81788..297887bae3a4 100644
--- a/inspector/Makefile.am
+++ b/inspector/Makefile.am
@@ -27,12 +27,14 @@ example_xml = \
 EXTRA_DIST = \
 	expected-debian.img.xml \
 	expected-fedora.img.xml \
+	expected-fedora-luks-on-lvm.img.xml \
 	expected-fedora-lvm-on-luks.img.xml \
 	expected-ubuntu.img.xml \
 	expected-archlinux.img.xml \
 	expected-coreos.img.xml \
 	expected-windows.img.xml \
 	test-virt-inspector.sh \
+	test-virt-inspector-luks-on-lvm.sh \
 	test-virt-inspector-lvm-on-luks.sh \
 	test-virt-inspector-docs.sh \
 	test-xmllint.sh \
@@ -95,6 +97,7 @@ TESTS_ENVIRONMENT = $(top_builddir)/run --test
 TESTS = \
 	test-virt-inspector-docs.sh \
 	test-virt-inspector.sh \
+	test-virt-inspector-luks-on-lvm.sh \
 	test-virt-inspector-lvm-on-luks.sh
 
 if HAVE_XMLLINT
@@ -102,7 +105,7 @@ TESTS += test-xmllint.sh
 endif
 
 check-valgrind:
-	$(MAKE) TESTS="test-virt-inspector.sh test-virt-inspector-lvm-on-luks.sh" VG="@VG@" check
+	$(MAKE) TESTS="test-virt-inspector.sh test-virt-inspector-luks-on-lvm.sh test-virt-inspector-lvm-on-luks.sh" VG="@VG@" check
 
 check-valgrind-local-guests:
 	for g in $(GUESTS); do \
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
index 0114d10bb170..0a41f168bdfc 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,6 +49,7 @@ disk_images = \
 	fedora-md1.img \
 	fedora-md2.img \
 	fedora-btrfs.img \
+	fedora-luks-on-lvm.img \
 	fedora-lvm-on-luks.img \
 	ubuntu.img \
 	archlinux.img \
@@ -96,6 +97,12 @@ fedora-btrfs.img: make-fedora-img.pl \
 		fedora.db
 	SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
 
+# Make a (dummy) Fedora image with LUKS-on-LVM.
+fedora-luks-on-lvm.img: make-fedora-img.pl \
+		fedora-journal.tar.xz \
+		fedora.db
+	SRCDIR=$(srcdir) LAYOUT=luks-on-lvm $(top_builddir)/run --test ./$<
+
 # Make a (dummy) Fedora image with LVM-on-LUKS.
 fedora-lvm-on-luks.img: make-fedora-img.pl \
 		fedora-journal.tar.xz \
diff --git a/.gitignore b/.gitignore
index 5489c0cd2a5d..87040a727a7c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -151,6 +151,7 @@ Makefile.in
 /test-data/phony-guests/debian.img
 /test-data/phony-guests/fedora.img
 /test-data/phony-guests/fedora-btrfs.img
+/test-data/phony-guests/fedora-luks-on-lvm.img
 /test-data/phony-guests/fedora-lvm-on-luks.img
 /test-data/phony-guests/fedora-md1.img
 /test-data/phony-guests/fedora-md2.img
diff --git a/inspector/expected-fedora.img.xml b/inspector/expected-fedora-luks-on-lvm.img.xml
similarity index 98%
copy from inspector/expected-fedora.img.xml
copy to inspector/expected-fedora-luks-on-lvm.img.xml
index 72cddaf8816d..6e21591d8066 100644
--- a/inspector/expected-fedora.img.xml
+++ b/inspector/expected-fedora-luks-on-lvm.img.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <operatingsystems>
   <operatingsystem>
-    <root>/dev/VG/Root</root>
+    <root>/dev/mapper/luks-ROOTUUID</root>
     <name>linux</name>
     <arch>x86_64</arch>
     <distro>fedora</distro>
@@ -13,11 +13,11 @@
     <hostname>fedora.invalid</hostname>
     <osinfo>fedora14</osinfo>
     <mountpoints>
-      <mountpoint dev="/dev/VG/Root">/</mountpoint>
+      <mountpoint dev="/dev/mapper/luks-ROOTUUID">/</mountpoint>
       <mountpoint dev="/dev/sda1">/boot</mountpoint>
     </mountpoints>
     <filesystems>
-      <filesystem dev="/dev/VG/Root">
+      <filesystem dev="/dev/mapper/luks-ROOTUUID">
         <type>ext2</type>
         <label>ROOT</label>
         <uuid>01234567-0123-0123-0123-012345678902</uuid>
diff --git a/inspector/test-virt-inspector-lvm-on-luks.sh b/inspector/test-virt-inspector-luks-on-lvm.sh
similarity index 73%
copy from inspector/test-virt-inspector-lvm-on-luks.sh
copy to inspector/test-virt-inspector-luks-on-lvm.sh
index 955ac6316946..b2e10232c05d 100755
--- a/inspector/test-virt-inspector-lvm-on-luks.sh
+++ b/inspector/test-virt-inspector-luks-on-lvm.sh
@@ -19,7 +19,7 @@
 # Test that virt-inspector can work on encrypted images when the
 # right password is supplied.
 #
-# Regression test for https://bugzilla.redhat.com/show_bug.cgi?id=1602353
+# Regression test for https://bugzilla.redhat.com/show_bug.cgi?id=1658126
 
 set -e
 set -x
@@ -27,16 +27,21 @@ set -x
 $TEST_FUNCTIONS
 skip_if_skipped
 
-f=../test-data/phony-guests/fedora-lvm-on-luks.img
+f=../test-data/phony-guests/fedora-luks-on-lvm.img
+keys=(--key /dev/VG/Root:key:FEDORA-Root
+      --key /dev/VG/LV1:key:FEDORA-LV1
+      --key /dev/VG/LV2:key:FEDORA-LV2
+      --key /dev/VG/LV3:key:FEDORA-LV3)
 
 # Ignore zero-sized file.
 if [ -s "$f" ]; then
+    uuid_root=$(guestfish --ro -i -a "$f" "${keys[@]}" luks-uuid /dev/VG/Root)
     b=$(basename "$f")
-    echo FEDORA |
-    $VG virt-inspector --keys-from-stdin --format=raw -a "$f" > "actual-$b.xml"
+    $VG virt-inspector "${keys[@]}" --format=raw -a "$f" > "actual-$b.xml"
     # Check the generated output validate the schema.
     $XMLLINT --noout --relaxng "$srcdir/virt-inspector.rng" "actual-$b.xml"
     # This 'diff' command will fail (because of -e option) if there
     # are any differences.
-    diff -ur $diff_ignore "$srcdir/expected-$b.xml" "actual-$b.xml"
+    sed -e "s/ROOTUUID/$uuid_root/" < "$srcdir/expected-$b.xml" \
+    | diff -u - "actual-$b.xml"
 fi
diff --git a/test-data/phony-guests/guests.xml.in b/test-data/phony-guests/guests.xml.in
index 3af6b27af073..dfcccc3d4cff 100644
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -183,6 +183,24 @@
     </devices>
   </domain>
 
+  <!-- LUKS passwords are 'FEDORA-Root', 'FEDORA-LV1', 'FEDORA-LV2',
+       'FEDORA-LV3' -->
+  <domain type='test'>
+    <name>fedora-luks-on-lvm</name>
+    <memory>1048576</memory>
+    <os>
+      <type>hvm</type>
+      <boot dev='hd'/>
+    </os>
+    <devices>
+      <disk type='file' device='disk'>
+        <driver name='qemu' type='raw'/>
+        <source file='@abs_builddir@/fedora-luks-on-lvm.img'/>
+        <target dev='vda' bus='virtio'/>
+      </disk>
+    </devices>
+  </domain>
+
   <!-- LUKS password is 'FEDORA' -->
   <domain type='test'>
     <name>fedora-lvm-on-luks</name>
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index 4cd6ef9575eb..84d4742e9000 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -200,6 +200,60 @@ EOF
     init_lvm_root ('/dev/mapper/luks');
 }
 
+elsif ($ENV{LAYOUT} eq 'luks-on-lvm') {
+    push (@images, "fedora-luks-on-lvm.img-t");
+
+    open (my $fstab, '>', "fedora.fstab") or die;
+    print $fstab <<EOF;
+LABEL=BOOT /boot ext2 default 0 0
+LABEL=ROOT / ext2 default 0 0
+EOF
+    close ($fstab) or die;
+
+    $bootdev = '/dev/sda1';
+
+    $g->disk_create ("fedora-luks-on-lvm.img-t", "raw", $IMAGE_SIZE);
+
+    $g->add_drive ("fedora-luks-on-lvm.img-t", format => "raw");
+    $g->launch ();
+
+    $g->part_init ('/dev/sda', 'mbr');
+    foreach my $p (@PARTITIONS) {
+        $g->part_add('/dev/sda', @$p);
+    }
+
+    # Create the Volume Group on /dev/sda2.
+    $g->pvcreate ('/dev/sda2');
+    $g->vgcreate ('VG', ['/dev/sda2']);
+    $g->lvcreate ('Root', 'VG', 32);
+    $g->lvcreate ('LV1',  'VG', 32);
+    $g->lvcreate ('LV2',  'VG', 32);
+    $g->lvcreate ('LV3',  'VG', 64);
+
+    # Format each Logical Group as a LUKS device, with a different password.
+    $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
+    $g->luks_format ('/dev/VG/LV1',  'FEDORA-LV1',  0);
+    $g->luks_format ('/dev/VG/LV2',  'FEDORA-LV2',  0);
+    $g->luks_format ('/dev/VG/LV3',  'FEDORA-LV3',  0);
+
+    # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
+    $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks');
+    $g->cryptsetup_open ('/dev/VG/LV1',  'FEDORA-LV1',  'LV1-luks');
+    $g->cryptsetup_open ('/dev/VG/LV2',  'FEDORA-LV2',  'LV2-luks');
+    $g->cryptsetup_open ('/dev/VG/LV3',  'FEDORA-LV3',  'LV3-luks');
+
+    # Phony root filesystem.
+    $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT');
+    $g->set_uuid ('/dev/mapper/Root-luks', '01234567-0123-0123-0123-012345678902');
+
+    # Other filesystems, just for testing findfs-label.
+    $g->mkfs ('ext2', '/dev/mapper/LV1-luks', blocksize => 4096, label => 'LV1');
+    $g->mkfs ('ext2', '/dev/mapper/LV2-luks', blocksize => 1024, label => 'LV2');
+    $g->mkfs ('ext2', '/dev/mapper/LV3-luks', blocksize => 2048, label => 'LV3');
+
+    $g->mount ('/dev/mapper/Root-luks', '/');
+}
+
 else {
     print STDERR "$0: Unknown LAYOUT: ",$ENV{LAYOUT},"\n";
     exit 1;
-- 
2.19.1.3.g30247aa5d201

More information about the Libguestfs mailing list