From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1k7Seb-0007Wf-Gl for mharc-grub-devel@gnu.org; Sun, 16 Aug 2020 20:05:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39540) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k7SeZ-0007Vz-Ko for grub-devel@gnu.org; Sun, 16 Aug 2020 20:05:31 -0400 Received: from mail-pj1-x1042.google.com ([2607:f8b0:4864:20::1042]:56087) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1k7SeX-00063U-Et for grub-devel@gnu.org; Sun, 16 Aug 2020 20:05:31 -0400 Received: by mail-pj1-x1042.google.com with SMTP id 2so6924313pjx.5 for ; Sun, 16 Aug 2020 17:05:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=efficientek-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=A0RVoCpBAQvAMMkn7IyX34Wwa/P05DvjmibDMkdx2hk=; b=Qa5bMVlT3Ayh3kjGZzKrzVgua8Xwk+5BrcAX3kddidzg3DFQw6bzKLMDx+a1RFIIx0 jCxaA2aPQXp29aSz6P5mkGHh93MQv9INyxzTeidS3SLqxCFTgdvCxFuesEKhp+t8zfJk 74VkPdHyMFaWw8A+D+33xy3nS736bieR2o+8xlZ2zYvvIBF/pCNelBmu6Va9gT8XxOzf ixPiaOlKqOFU67lzdLg7FB6Td30/6FHNTn0x0K++sXzQhlaosHfHn6VRs2tb3yNV4Mdq o1crgAlxCUZCcMyS6HOzbaMcXjrXONskZ4cIF/h15S2IzVH2gs/N3VtxvMrKZTzzoylp zhpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=A0RVoCpBAQvAMMkn7IyX34Wwa/P05DvjmibDMkdx2hk=; b=ccxgbeEGbR+ryuEFPGK5anlHM/lpS3tpSxRhtvc5uBXQcEU6vyAzFa+bRWbNw7Ir3K R4Jj7U2eEue/QQULWLnorx04+QUw78zj6x+nW4BFa9ThzLQLuK2LvJc8xGdYon7mYZ4R eM7Pb0zPMxo3UzUtizPWdthHzuxhGc7mwjXKZr6hArE3eRhkeimC8xRlLVFYHQ5ieL2I 1op2GgcPy79uGYdaYdvXJwo4yH6+LaZaIMEYE9OsppDGrOw8zJmad8AaCCaRzILBIn1d gUEZpK63oWkLQEjteidCnp1l7N8ns5EkDLGf32YfndouEB2INnuuODoIxEZTxZ+vxCm2 b5JA== X-Gm-Message-State: AOAM5330gCH8OKY9j8QuvZZtAk4kHGuFWjgkZq0dIh3XrAtmRDRdgRAE E/bFGMgm0Gx4vrgifoFDlSTzWAxJ+4nGKg== X-Google-Smtp-Source: ABdhPJzA8Eq1awVNelJgDzAKUVN33ExF3BPUjVJtc9PWFdGe8syzmW9wByeyT3M0d0fNzP7Y5YoZGQ== X-Received: by 2002:a17:90b:19d2:: with SMTP id nm18mr10602832pjb.124.1597622727407; Sun, 16 Aug 2020 17:05:27 -0700 (PDT) Received: from crass-HP-ZBook-15-G2.lan ([136.49.44.103]) by smtp.gmail.com with ESMTPSA id h19sm14967000pjv.41.2020.08.16.17.05.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Aug 2020 17:05:26 -0700 (PDT) From: Glenn Washburn To: grub-devel@gnu.org Cc: Glenn Washburn Subject: [CRYPTOMOUNT-TEST 0/7] Add LUKS1/2 tests for cryptomount Date: Sun, 16 Aug 2020 19:05:11 -0500 Message-Id: <20200817000518.4006518-1-development@efficientek.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::1042; envelope-from=development@efficientek.com; helo=mail-pj1-x1042.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Aug 2020 00:05:31 -0000 Grub maintainers, Here is a patch set that adds functional testing for cryptomount with LUKS1/2 volumes. Also added is a required patch to add a new -p option to cryptomount for specifying passwords on the command line and importantly by-passing user input from the terminal. Currently, I rely heavily on the keyfile code added in the v5 patchset by Denis Carikli. It appears as though this code has been accepted for inclusion into master, but has not yet made it there. As I see it, it makes some sense to have testing code go in before code that it would be testing so that it might catch any issues with that code. However, because it leverages the keyfile code, it wouldn't be testing that much anyway, though it would for the detached header code. And from a git history perspective, it seems best to have testing come first. However, my concern is that that is not an option due to the timing of things. Also, its easier for me to not have to rework history to include my cryptodisk testing patchset and then update the v5 patchset. So my question, mainly for those who would ultimately decide on the inclusion of my patchset, is what is the route I should take to most easily get my testing patchset accepted? Should I base my patchset on current master (e7b8856f8be) (which would entail updating the Carikli's patchset) or base it on Carikli's patchset? As can be see from the current tests, LUKS1 detached header support from the v5 patchset is expected to fail. I have a patch for that, which I mentioned in a reply to the offending patch of the v5 patchset. Also, I plan on breaking up my CRYPTO-LUKS patchset into several smaller patchsets and change the current expected failure cases to expecting success as necessary, and basing those future patchsets on this one. Guidance would be much appreciated, Glenn Glenn Washburn (7): cryptodisk: Improve cryptomount short help string. cryptodisk: Allow cryptomount password to be specified as argument. grub-shell: Allow specifying non-default trim line contents. grub-shell: Trim line should always be matched from the beginning of the line. grub-shell: Only show grub-mkrescue output if it returns an error. tests: Add grub-shell-luks-tester to facilitate functional LUKS1/2 testing. test: Add cryptomount test. Makefile.util.def | 12 + grub-core/disk/cryptodisk.c | 29 ++- tests/grub_cmd_cryptomount.in | 156 +++++++++++++ tests/util/grub-shell-luks-tester.in | 319 +++++++++++++++++++++++++++ tests/util/grub-shell.in | 33 ++- 5 files changed, 530 insertions(+), 19 deletions(-) create mode 100644 tests/grub_cmd_cryptomount.in create mode 100644 tests/util/grub-shell-luks-tester.in -- 2.25.1