geli: optimize tests

Reduce the geli tests' runtime by about a third:

* In integrity_test:copy, use a file-backed md(4) device instead of a
  malloc'd one.  That way we can corrupt the underlying storage without
  needing to detach and reattach the geli device.

* In integrity_test:{copy, hmac, data} and onetime_test:{onetime,
  onetime_a}, move reads of /dev/random out of the loop.

MFC after:	2 weeks

tests/sys/geom/class/eli/conf.sh

@@ -20,12 +20,22 @@ attach_md()
 # func <cipher> <aalgo> <secsize>
 for_each_geli_config() {
 	func=$1
+	backing_filename=$2
 
 	# Double the sector size to allow for the HMACs' storage space.
 	osecsize=$(( $MAX_SECSIZE * 2 ))
 	# geli needs 512B for the label.
 	bytes=`expr $osecsize \* $sectors + 512`b
+
+	if [ -n "$backing_filename" ]; then
+		# Use a file-backed md(4) device, so we can deliberatly corrupt
+		# it without detaching the geli device first.
+		truncate -s $bytes backing_file
+		md=$(attach_md -t vnode -f backing_file)
+	else
 		md=$(attach_md -t malloc -s $bytes)
+	fi
+
 	for cipher in aes-xts:128 aes-xts:256 \
 	    aes-cbc:128 aes-cbc:192 aes-cbc:256 \
 	    3des-cbc:192 \

tests/sys/geom/class/eli/integrity_test.sh

@@ -12,31 +12,32 @@ copy_test() {
 		-K keyfile -s $secsize ${md}
 	atf_check geli attach -p -k keyfile ${md}
 
-	atf_check dd if=/dev/random of=/dev/${md}.eli bs=${secsize} count=1 status=none
+	atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=1 status=none
 
-	atf_check geli detach ${md}
 	# Copy first small sector to the second small sector.
 	# This should be detected as corruption.
-	atf_check dd if=/dev/${md} of=sector bs=512 count=1 status=none
-	atf_check dd if=sector of=/dev/${md} bs=512 count=1 seek=1 status=none
-	atf_check geli attach -p -k keyfile ${md}
+	atf_check dd if=backing_file of=sector bs=512 count=1 \
+		conv=notrunc status=none
+	atf_check dd if=sector of=backing_file bs=512 count=1 seek=1 \
+		conv=notrunc status=none
 
 	atf_check -s not-exit:0 -e ignore \
 		dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=1
 
 	# Fix the corruption
-	atf_check dd if=/dev/random of=/dev/${md}.eli bs=${secsize} count=2 status=none
-	atf_check dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=2 status=none
+	atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=2 status=none
+	atf_check dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=2 \
+		status=none
 
 	# Copy first big sector to the second big sector.
 	# This should be detected as corruption.
 	ms=`diskinfo /dev/${md} | awk '{print $3 - 512}'`
 	ns=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 	usecsize=`echo "($ms / $ns) - (($ms / $ns) % 512)" | bc`
-	atf_check geli detach ${md}
-	atf_check dd if=/dev/${md} bs=512 count=$(( ${usecsize} / 512 )) seek=$(( $secsize / 512 )) of=sector status=none
-	atf_check dd of=/dev/${md} bs=512 count=$(( ${usecsize} / 512 )) seek=$(( $secsize / 256 )) if=sector status=none
-	atf_check -s exit:0 -e ignore geli attach -p -k keyfile ${md}
+	atf_check dd if=backing_file bs=512 count=$(( ${usecsize} / 512 )) \
+		seek=$(( $secsize / 512 )) of=sector conv=notrunc status=none
+	atf_check dd of=backing_file bs=512 count=$(( ${usecsize} / 512 )) \
+		seek=$(( $secsize / 256 )) if=sector conv=notrunc status=none
 	atf_check -s not-exit:0 -e ignore \
 		dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=$ns
 }
@@ -55,7 +56,9 @@ copy_body()
 	sectors=2
 
 	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none
-	for_each_geli_config copy_test
+	dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none
+	
+	for_each_geli_config copy_test backing_file
 }
 copy_cleanup()
 {
@@ -77,7 +80,7 @@ data_test() {
 
 	# Corrupt 8 bytes of data.
 	atf_check dd if=/dev/${md} of=sector bs=512 count=1 status=none
-	atf_check dd if=/dev/random of=sector bs=1 count=8 seek=64 conv=notrunc status=none
+	atf_check dd if=rnd of=sector bs=1 count=8 seek=64 conv=notrunc status=none
 	atf_check dd if=sector of=/dev/${md} bs=512 count=1 status=none
 	atf_check geli attach -p -k keyfile ${md}
 
@@ -100,6 +103,7 @@ data_body()
 	sectors=2
 
 	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none
+	dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none
 	for_each_geli_config data_test
 }
 data_cleanup()
@@ -121,7 +125,7 @@ hmac_test() {
 
 	# Corrupt 8 bytes of HMAC.
 	atf_check dd if=/dev/${md} of=sector bs=512 count=1 status=none
-	atf_check dd if=/dev/random of=sector bs=1 count=16 conv=notrunc status=none
+	atf_check dd if=rnd of=sector bs=1 count=16 conv=notrunc status=none
 	atf_check dd if=sector of=/dev/${md} bs=512 count=1 status=none
 	atf_check geli attach -p -k keyfile ${md}
 
@@ -144,6 +148,7 @@ hmac_body()
 	sectors=2
 
 	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none
+	dd if=/dev/random of=rnd bs=${MAX_SECSIZE} count=${sectors} status=none
 	for_each_geli_config hmac_test
 }
 hmac_cleanup()

tests/sys/geom/class/eli/onetime_test.sh

@@ -10,7 +10,6 @@ onetime_test()
 	atf_check -s exit:0 -o ignore -e ignore \
 		geli onetime -e $ealgo -l $keylen -s $secsize ${md}
 
-	atf_check dd if=/dev/random of=rnd bs=${secsize} count=${sectors} status=none
 	atf_check dd if=rnd of=/dev/${md}.eli bs=${secsize} count=${sectors} status=none
 
 	md_rnd=`dd if=rnd bs=${secsize} count=${sectors} status=none | md5`
@@ -82,7 +81,8 @@ onetime_a_body()
 	. $(atf_get_srcdir)/conf.sh
 	sectors=8
 
-	atf_check dd if=/dev/random of=rnd bs=1024 count=1024 status=none
+	atf_check dd if=/dev/random of=rnd bs=$MAX_SECSIZE count=$sectors \
+		status=none
 	for_each_geli_config onetime_a_test
 }
 onetime_a_cleanup()