Subject: Avoid luksmeta corruption on clevis bind (#319) Origin: v18-5-gd8a25e3 Upstream-Author: Sergio Arroutbi Date: Tue Jun 15 12:51:23 2021 +0200 When using long key information to be stored in luks metadata, luksmeta save is not reporting the corruption of LUKs meta. This change detects if issue occurs after luksmeta metadata save and, in that case, restores the device. Fixes #181 Signed-off-by: Sergio Arroutbi Braojos --- a/src/luks/clevis-luks-common-functions.in +++ b/src/luks/clevis-luks-common-functions.in @@ -448,6 +448,12 @@ echo "Error saving metadata to LUKSMeta slot ${SLOT} from ${DEV}" >&2 return 1 fi + + if ! luksmeta test -d "${DEV}" 2>/dev/null >/dev/null ; then + echo "Error detected after saving metadata to LUKSMeta slot ${SLOT}, device ${DEV}" >&2 + return 1 + fi + return 0 } --- /dev/null +++ b/src/luks/tests/bind-luks1-avoid-luksmeta-corruption 
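Review bot: The new `luksmeta test` check only returns 1, and nothing in this hunk restores the device, although the commit message says the device is restored in that case. Presumably the caller rolls back from its header backup, so that dependency deserves a comment at the check, such as `# luksmeta save can return success while leaving the LUKSMeta area corrupted; re-validate so the caller can restore the header backup`. Both stdout and stderr of `luksmeta test` are discarded, so the echoed message is the only diagnostic an operator gets; it should say that validation failed and that the header may need restoring. The enclosing function starts above the hunk, so the rollback path cannot be confirmed from here.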
@@ -0,0 +1,55 @@
+#!/bin/bash -ex
+#
+# Copyright (c) 2021 Red Hat, Inc.
+# Author: Sergio Arroutbi Braojos
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+#
+
+TEST=$(basename "${0}")
+. tests-common-functions
+
+on_exit() {
+ [ ! -d "${TMP}" ] && return 0
+ tang_stop "${TMP}"
+ rm -rf "${TMP}"
+}
+
+trap 'on_exit' EXIT
+
+TMP="$(mktemp -d)"
+
+ADV_AMOUNT=50
+
+# Create LUKS1 device
+DEV="${TMP}/luks1-device"
+new_device "luks1" "${DEV}"
+
+# TANG server specifics
+port=$(tang_new_random_port)
+tang_run "${TMP}" "${port}"
+url="http://localhost:${port}"
+
+# Initial binding to ensure luksmeta gets corrupted
+for ADV_NU in $(seq 0 ${ADV_AMOUNT}); do
+ "${TANGD_KEYGEN}" "${TMP}/db"
+done
+tang_new_keys "${TMP}"
+
+CFG=$(printf '{"url":"%s"}' "${url}")
+
+# At this point, luks bind must return an error. If not, test fails
+if clevis luks bind -y -d "${DEV}" tang "${CFG}" <<< "${DEFAULT_PASS}"; then
+ error "${TEST}: Binding is expected to fail when given a too long adv"
+fi
--- a/src/luks/tests/meson.build
+++ b/src/luks/tests/meson.build
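Review bot: The final `if` block asserts only that `clevis luks bind` fails, so the test would also pass if bind failed for an unrelated reason or left the device corrupted, which is the outcome the fix is meant to prevent. After that block, add a post-condition that the original passphrase still unlocks the device, for example `cryptsetup open --test-passphrase "${DEV}" <<< "${DEFAULT_PASS}" || error "${TEST}: ${DEV} no longer unlocks after the failed bind"`. As a smaller style point, in the key-generation loop `ADV_NU` is never read and `$(seq 0 ${ADV_AMOUNT})` iterates 51 times rather than 50; `seq 1 "${ADV_AMOUNT}"` would match the constant's name and quote the expansion.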
@@ -59,6 +59,7 @@ test('backup-restore-luks1', find_program('backup-restore-luks1'), env: env, timeout: 60) test('pass-tang-luks1', find_program('pass-tang-luks1'), env: env, timeout: 60) +test('bind-luks1-avoid-luksmeta-corruption', find_program('bind-luks1-avoid-luksmeta-corruption'), env: env, timeout: 60) # LUKS2 tests go here, and they get included if we get support for it, based # on the cryptsetup version.