cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

294 (2580B)

      1#!/usr/bin/env bash
      2# group: rw quick
      3#
      4# Copyright (C) 2019 Red Hat, Inc.
      5#
      6# This program is free software; you can redistribute it and/or modify
      7# it under the terms of the GNU General Public License as published by
      8# the Free Software Foundation; either version 2 of the License, or
      9# (at your option) any later version.
     10#
     11# This program is distributed in the hope that it will be useful,
     12# but WITHOUT ANY WARRANTY; without even the implied warranty of
     13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     14# GNU General Public License for more details.
     15#
     16# You should have received a copy of the GNU General Public License
     17# along with this program.  If not, see <http://www.gnu.org/licenses/>.
     18#
     19
     20# creator
     21owner=mlevitsk@redhat.com
     22
     23seq=`basename $0`
     24echo "QA output created by $seq"
     25
     26status=1	# failure is the default!
     27
     28_cleanup()
     29{
     30	_cleanup_test_img
     31}
     32trap "_cleanup; exit \$status" 0 1 2 3 15
     33
     34# get standard environment, filters and checks
     35. ./common.rc
     36. ./common.filter
     37
     38_supported_fmt luks
     39_supported_proto file fuse #TODO
     40
     41QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
     42
     43# you are supposed to see the password as *******, see :-)
     44S0="--object secret,id=sec0,data=hunter0"
     45S1="--object secret,id=sec1,data=hunter1"
     46SECRETS="$S0 $S1"
     47
     48
     49IMGS0="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec0"
     50IMGS1="--image-opts driver=$IMGFMT,file.filename=$TEST_IMG,key-secret=sec1"
     51
     52echo "== creating a test image =="
     53_make_test_img $S0 -o "key-secret=sec0,iter-time=10" 32M
     54
     55echo
     56echo "== test that key 0 opens the image =="
     57$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
     58
     59echo
     60echo "== adding a password to slot 1 =="
     61$QEMU_IMG amend $SECRETS $IMGS0 -o state=active,new-secret=sec1,keyslot=1,iter-time=10
     62
     63echo
     64echo "== 'backup' the image header =="
     65dd if=$TEST_IMG_FILE of=${TEST_IMG_FILE}.bk bs=4K skip=0 count=1
     66
     67echo
     68echo "== erase slot 0 =="
     69$QEMU_IMG amend $SECRETS $IMGS1 -o state=inactive,keyslot=0 | _filter_img_create
     70
     71echo
     72echo "== test that key 0 doesn't open the image =="
     73$QEMU_IO $S0 -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
     74
     75echo
     76echo "== 'restore' the image header =="
     77dd if=${TEST_IMG_FILE}.bk of=${TEST_IMG_FILE} bs=4K skip=0 count=1 conv=notrunc
     78
     79echo
     80echo "== test that key 0 still doesn't open the image (key material is erased) =="
     81$QEMU_IO $SECRETS -c "read 0 4096" $IMGS0 | _filter_qemu_io | _filter_testdir
     82
     83echo
     84echo "== test that key 1 still works =="
     85$QEMU_IO $SECRETS -c "read 0 4096" $IMGS1 | _filter_qemu_io | _filter_testdir
     86
     87echo "*** done"
     88rm -f $seq.full
     89status=0
     90
     91
     92exit 0