Core: Add support for LUKS header backup. #1302
Conversation
|
Can one of the admins verify this patch? |
|
Jenkins, ok to test. |
| self.udev_settle() | ||
|
|
||
| # check that backup normally works | ||
| BACKUP_FILE = "/var/tmp/udisks_encrypted_header_backup.luks" |
There was a problem hiding this comment.
Please use tempfile to create a temporary directory for this, it will take care of cleanup.
src/udiskslinuxblock.c
Outdated
| udisks_linux_block_object_lock_for_cleanup (UDISKS_LINUX_BLOCK_OBJECT (object)); | ||
| udisks_state_check_block (state, udisks_linux_block_object_get_device_number (UDISKS_LINUX_BLOCK_OBJECT (object))); | ||
|
|
||
| /* Fail if the device is not a LUKS device */ |
There was a problem hiding this comment.
This will fail if the header is completely wiped or corrupted in a way that blkid won't recognize it as a LUKS device.
| self.assertEqual(ret, 0) | ||
| ret, out = udiskstestcase.UdisksTestCase.run_command("cryptsetup luksDump %s" % disk) | ||
| self.assertEqual(1, ret) | ||
| self.assertTrue(("Device %s is not a valid LUKS device." % disk) in out) |
There was a problem hiding this comment.
There is a race condition here -- dd removes the header, but the change is not yet propagated from udev to udisks so the restore works even with the check for LUKS metadata in the code. You need to wait for the IdType property to become empty after calling dd with somethig like
fstype = self.get_property(device, '.Block', 'IdType')
fstype.assertEqual('')
(this is not the unittest's assertEqual but our own with wait).
|
|
||
| # check that after reaping device and restoring header, cryptsetup will recognize header | ||
| device.Lock(self.no_options, dbus_interface=self.iface_prefix + '.Encrypted') | ||
| ret, out = udiskstestcase.UdisksTestCase.run_command("cryptsetup luksDump %s" % disk) |
There was a problem hiding this comment.
No need to use cryptsetup here, we created the encrypted device so we know it is LUKS :-)
Add methods: - Encrypted.HeaderBackup - Block.RestoreEncryptedHeader
Add methods: