import libblockdev-2.24-7.el8

SOURCES/0004-Fix-default-key-size-for-non-XTS-ciphers.patch

@@ -0,0 +1,97 @@
+From 5d29bc014a33d9bdc1c5fb4b8add2f38850f46a8 Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Wed, 24 Feb 2021 14:44:03 +0100
+Subject: [PATCH] crypto: Fix default key size for non XTS ciphers
+
+512 bits should be default only for AES-XTS which needs two keys,
+default for other modes must be 256 bits.
+
+resolves: rhbz#1931847
+---
+ src/plugins/crypto.c | 11 +++++++++--
+ src/plugins/crypto.h |  2 +-
+ tests/crypto_test.py | 36 ++++++++++++++++++++++++++++++++++++
+ 3 files changed, 46 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c
+index f4a2e8f0..1e7043fa 100644
+--- a/src/plugins/crypto.c
++++ b/src/plugins/crypto.c
+@@ -774,8 +774,15 @@ static gboolean luks_format (const gchar *device, const gchar *cipher, guint64 k
+         return FALSE;
+     }
+ 
+-    /* resolve requested/default key_size (should be in bytes) */
+-    key_size = (key_size != 0) ? (key_size / 8) : (DEFAULT_LUKS_KEYSIZE_BITS / 8);
++    if (key_size == 0) {
++        if (g_str_has_prefix (cipher_specs[1], "xts-"))
++            key_size = DEFAULT_LUKS_KEYSIZE_BITS * 2;
++        else
++            key_size = DEFAULT_LUKS_KEYSIZE_BITS;
++    }
++
++    /* key_size should be in bytes */
++    key_size = key_size / 8;
+ 
+     /* wait for enough random data entropy (if requested) */
+     if (min_entropy > 0) {
+diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h
+index 71a1438d..a38724d9 100644
+--- a/src/plugins/crypto.h
++++ b/src/plugins/crypto.h
+@@ -36,7 +36,7 @@ typedef enum {
+ /* 20 chars * 6 bits per char (64-item charset) = 120 "bits of security" */
+ #define BD_CRYPTO_BACKUP_PASSPHRASE_LENGTH 20
+ 
+-#define DEFAULT_LUKS_KEYSIZE_BITS 512
++#define DEFAULT_LUKS_KEYSIZE_BITS 256
+ #define DEFAULT_LUKS_CIPHER "aes-xts-plain64"
+ #define DEFAULT_LUKS2_SECTOR_SIZE 512
+ 
+diff --git a/tests/crypto_test.py b/tests/crypto_test.py
+index 0609a070..0aecc032 100644
+--- a/tests/crypto_test.py
++++ b/tests/crypto_test.py
+@@ -236,6 +236,42 @@ def test_luks2_format(self):
+             self.fail("Failed to get pbkdf information from:\n%s %s" % (out, err))
+         self.assertEqual(int(m.group(1)), 5)
+ 
++    def _get_luks1_key_size(self, device):
++        _ret, out, err = run_command("cryptsetup luksDump %s" % device)
++        m = re.search(r"MK bits:\s*(\S+)\s*", out)
++        if not m or len(m.groups()) != 1:
++            self.fail("Failed to get key size information from:\n%s %s" % (out, err))
++        key_size = m.group(1)
++        if not key_size.isnumeric():
++            self.fail("Failed to get key size information from: %s" % key_size)
++        return int(key_size)
++
++    @tag_test(TestTags.SLOW, TestTags.CORE)
++    def test_luks_format_key_size(self):
++        """Verify that formating device as LUKS works"""
++
++        # aes-xts: key size should default to 512
++        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 0, PASSWD, None, 0)
++        self.assertTrue(succ)
++
++        key_size = self._get_luks1_key_size(self.loop_dev)
++        self.assertEqual(key_size, 512)
++
++        # aes-cbc: key size should default to 256
++        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-cbc-essiv:sha256", 0, PASSWD, None, 0)
++        self.assertTrue(succ)
++
++        key_size = self._get_luks1_key_size(self.loop_dev)
++        self.assertEqual(key_size, 256)
++
++        # try specifying key size for aes-xts
++        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 256, PASSWD, None, 0)
++        self.assertTrue(succ)
++
++        key_size = self._get_luks1_key_size(self.loop_dev)
++        self.assertEqual(key_size, 256)
++
++
+ class CryptoTestResize(CryptoTestCase):
+ 
+     def _get_key_location(self, device):

SOURCES/0005-Add-workarounds-for-some-LVM-test-issues.patch

@@ -0,0 +1,157 @@
+From 7c31cc534f96766dd2e3427b09d0affca66b0745 Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Tue, 23 Mar 2021 13:54:02 +0100
+Subject: [PATCH 1/3] tests: Do not try to remove VG before removing the VDO
+ pool
+
+---
+ tests/lvm_dbus_tests.py | 6 +++---
+ tests/lvm_test.py       | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py
+index 8f2bb95d..b599fdd0 100644
+--- a/tests/lvm_dbus_tests.py
++++ b/tests/lvm_dbus_tests.py
+@@ -1517,14 +1517,14 @@ def setUp(self):
+         self.assertTrue(succ)
+ 
+     def _clean_up(self):
+-        BlockDev.lvm_vgremove("testVDOVG")
+-        BlockDev.lvm_pvremove(self.loop_dev)
+-
+         try:
+             BlockDev.lvm_lvremove("testVDOVG", "vdoPool", True, None)
+         except:
+             pass
+ 
++        BlockDev.lvm_vgremove("testVDOVG")
++        BlockDev.lvm_pvremove(self.loop_dev)
++
+         try:
+             delete_lio_device(self.loop_dev)
+         except RuntimeError:
+diff --git a/tests/lvm_test.py b/tests/lvm_test.py
+index 6f80a3ba..6c04faf9 100644
+--- a/tests/lvm_test.py
++++ b/tests/lvm_test.py
+@@ -1437,14 +1437,14 @@ def setUp(self):
+         self.assertTrue(succ)
+ 
+     def _clean_up(self):
+-        BlockDev.lvm_vgremove("testVDOVG")
+-        BlockDev.lvm_pvremove(self.loop_dev)
+-
+         try:
+             BlockDev.lvm_lvremove("testVDOVG", "vdoPool", True, None)
+         except:
+             pass
+ 
++        BlockDev.lvm_vgremove("testVDOVG")
++        BlockDev.lvm_pvremove(self.loop_dev)
++
+         try:
+             delete_lio_device(self.loop_dev)
+         except RuntimeError:
+
+From 41b9d745b8c1a33221e15683f390bae180d1e960 Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Tue, 23 Mar 2021 13:59:24 +0100
+Subject: [PATCH 2/3] tests: Force remove LVM VG /dev/ entry not removed by
+ vgremove
+
+The directory is sometimes not removed. This is a known bug that
+causes subsequent test cases to fail.
+---
+ tests/lvm_dbus_tests.py | 6 ++++++
+ tests/lvm_test.py       | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py
+index b599fdd0..3278716e 100644
+--- a/tests/lvm_dbus_tests.py
++++ b/tests/lvm_dbus_tests.py
+@@ -399,6 +399,9 @@ def _clean_up(self):
+         except:
+             pass
+ 
++        # XXX remove lingering /dev entries
++        shutil.rmtree("/dev/testVG", ignore_errors=True)
++
+         LvmPVonlyTestCase._clean_up(self)
+ 
+ @unittest.skipUnless(lvm_dbus_running, "LVM DBus not running")
+@@ -1525,6 +1528,9 @@ def _clean_up(self):
+         BlockDev.lvm_vgremove("testVDOVG")
+         BlockDev.lvm_pvremove(self.loop_dev)
+ 
++        # XXX remove lingering /dev entries
++        shutil.rmtree("/dev/testVDOVG", ignore_errors=True)
++
+         try:
+             delete_lio_device(self.loop_dev)
+         except RuntimeError:
+diff --git a/tests/lvm_test.py b/tests/lvm_test.py
+index 6c04faf9..d7e1f84c 100644
+--- a/tests/lvm_test.py
++++ b/tests/lvm_test.py
+@@ -378,6 +378,9 @@ def _clean_up(self):
+         except:
+             pass
+ 
++        # XXX remove lingering /dev entries
++        shutil.rmtree("/dev/testVG", ignore_errors=True)
++
+         LvmPVonlyTestCase._clean_up(self)
+ 
+ class LvmTestVGcreateRemove(LvmPVVGTestCase):
+@@ -1445,6 +1448,9 @@ def _clean_up(self):
+         BlockDev.lvm_vgremove("testVDOVG")
+         BlockDev.lvm_pvremove(self.loop_dev)
+ 
++        # XXX remove lingering /dev entries
++        shutil.rmtree("/dev/testVDOVG", ignore_errors=True)
++
+         try:
+             delete_lio_device(self.loop_dev)
+         except RuntimeError:
+
+From 4ecf0075cedf3a1d275d34b94ce5bb512c4e970e Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Tue, 23 Mar 2021 14:03:44 +0100
+Subject: [PATCH 3/3] tests: Tag LvmPVVGLVcachePoolCreateRemoveTestCase as
+ unstable
+
+LVM randomly fails to activate the newly created metadata LV.
+Issue is reported to LVM and not yet fixed.
+---
+ tests/lvm_dbus_tests.py | 2 +-
+ tests/lvm_test.py       | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/tests/lvm_dbus_tests.py b/tests/lvm_dbus_tests.py
+index 3278716e..4882da88 100644
+--- a/tests/lvm_dbus_tests.py
++++ b/tests/lvm_dbus_tests.py
+@@ -1213,7 +1213,7 @@ def _clean_up(self):
+ 
+ @unittest.skipUnless(lvm_dbus_running, "LVM DBus not running")
+ class LvmPVVGLVcachePoolCreateRemoveTestCase(LvmPVVGLVcachePoolTestCase):
+-    @tag_test(TestTags.SLOW)
++    @tag_test(TestTags.SLOW, TestTags.UNSTABLE)
+     def test_cache_pool_create_remove(self):
+         """Verify that is it possible to create and remove a cache pool"""
+ 
+diff --git a/tests/lvm_test.py b/tests/lvm_test.py
+index d7e1f84c..eb94c917 100644
+--- a/tests/lvm_test.py
++++ b/tests/lvm_test.py
+@@ -1129,7 +1129,7 @@ def _clean_up(self):
+         LvmPVVGLVTestCase._clean_up(self)
+ 
+ class LvmPVVGLVcachePoolCreateRemoveTestCase(LvmPVVGLVcachePoolTestCase):
+-    @tag_test(TestTags.SLOW)
++    @tag_test(TestTags.SLOW, TestTags.UNSTABLE)
+     def test_cache_pool_create_remove(self):
+         """Verify that is it possible to create and remove a cache pool"""
+ 

SPECS/libblockdev.spec

@@ -125,7 +125,7 @@
 
 Name:        libblockdev
 Version:     2.24
-Release:     5%{?dist}
+Release:     7%{?dist}
 Summary:     A library for low-level manipulation with block devices
 License:     LGPLv2+
 URL:         https://github.com/storaged-project/libblockdev
@@ -133,6 +133,8 @@ Source0:     https://github.com/storaged-project/libblockdev/releases/download/%
 Patch0:      0001-exec-Fix-setting-locale-for-util-calls.patch
 Patch1:      0002-exec-polling-fixes.patch
 Patch2:      0003-LVM-thin-metadata-calculation-fix.patch
+Patch3:      0004-Fix-default-key-size-for-non-XTS-ciphers.patch
+Patch4:      0005-Add-workarounds-for-some-LVM-test-issues.patch
 
 BuildRequires: glib2-devel
 %if %{with_gi}
@@ -691,6 +693,8 @@ A meta-package that pulls all the libblockdev plugins as dependencies.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
+%patch4 -p1
 
 %build
 autoreconf -ivf
@@ -994,6 +998,14 @@ find %{buildroot} -type f -name "*.la" | xargs %{__rm}
 %files plugins-all
 
 %changelog
+* Wed Jun 30 2021 Vojtech Trefny <vtrefny@redhat.com> - 2.24-7
+- Add workarounds for some LVM test issues
+  Resolves: rhbz#1974352
+
+* Fri May 14 2021 Vojtech Trefny <vtrefny@redhat.com> - 2.24-6
+- Fix default key size for non XTS ciphers
+  Resolves: rhbz#1931847
+
 * Mon Jan 11 2021 Vojtech Trefny <vtrefny@redhat.com> - 2.24-5
 - Fix LVM thin metadata calculation fix
   Resolves: rhbz#1901714