Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- set -x
- echo "Cryptsetup disk benchmark script"
- # Default settings assume a 1G tmpfs is mount at /tmp and mostly unused
- # add this to /etc/fstab and reboot:
- #tmpfs /tmp tmpfs nodev,nosuid,size=1G 0 0
- # Alternatively, change SRCDEV to an existing disk.
- SRCDEV="$1"
- if [[ -z "$SRCDEV" ]]; then
- SRCDEV=/dev/sda1
- #SRCDEV=/tmp/testcontainer.bin
- fi
- SRCDEVSIZE=939524096
- TESTKEY=/tmp/testkey.key
- TESTKEYSIZE=512
- PASSHASH=sha512
- FILEBLOCKSIZE=8M
- FILEBLOCKCOUNT=100
- CRYPTDEVNAME=test
- MOUNTPOINT=/mnt
- # conv=fsync causes write test to flush more often but less intelligently
- DDWRITEEXTRACMDS="conv=fsync"
- DDREADEXTRACMDS=""
- if [[ "$USER" != "root" ]]; then
- echo "Must be root"
- exit 1
- fi
- echo -e "\nDEVICE: ${SRCDEV}\nKEYFILE: ${TESTKEY}\n"
- echo "WARNING: THIS TEST IS DESTRUCTIVE TO THE TARGET DEVICE - BACKUP DATA FIRST - KERNEL BUGS COULD ALSO AFFECT OTHER PARTITIONS/FILES ON THE SAME DRIVE"
- read -r -N 1 -p "PRESS 'Y' TO START, ANY OTHER KEY TO EXIT... " VALREPLY
- if [[ "${VALREPLY}" != "y" ]] && [[ "${VALREPLY}" != "Y" ]]; then
- echo ""
- echo "Aborted."
- exit 2
- fi
- echo ""
- if [[ ! -e "$SRCDEV" ]]; then
- fallocate -l $SRCDEVSIZE "$SRCDEV" || { echo "ERROR allocating"; exit 1; }
- fi
- if [[ ! -e "$TESTKEY" ]]; then
- dd if=/dev/urandom of="$TESTKEY" bs=${TESTKEYSIZE} count=1 ; sync || { echo "ERROR making key"; exit 1; }
- fi
- if [[ ! -d "$MOUNTPOINT" ]]; then
- mkdir -p "$MOUNTPOINT" || { echo "ERROR making mount point"; exit 1; }
- fi
- clear_caches()
- {
- sync
- echo 3 > /proc/sys/vm/drop_caches
- sync
- }
- test_cipher()
- {
- local cipher="$1"
- local keysize="$2"
- echo ""
- echo "$cipher ($keysize bit key)"
- cryptsetup luksFormat -q -d "$TESTKEY" --cipher $cipher -h $PASSHASH -s $keysize "$SRCDEV" && sync && \
- cryptsetup open -q -d "$TESTKEY" "$SRCDEV" ${CRYPTDEVNAME} && mkfs.ext4 -q /dev/mapper/${CRYPTDEVNAME} && sync && mount /dev/mapper/${CRYPTDEVNAME} "$MOUNTPOINT" && cd "$MOUNTPOINT" && clear_caches && \
- echo "WRITE:" && dd ${DDWRITEEXTRACMDS} if=/dev/zero of=temp.bin bs=$FILEBLOCKSIZE count=$FILEBLOCKCOUNT && clear_caches &&
- echo "READ:" && dd ${DDREADEXTRACMDS} if=temp.bin of=/dev/null bs=$FILEBLOCKSIZE count=$FILEBLOCKCOUNT && clear_caches && \
- cd / && umount "$MOUNTPOINT" && cryptsetup close -q ${CRYPTDEVNAME} && sync
- }
- control_c()
- {
- cd /
- sync
- if mount | grep -qP "^/dev/mapper/${CRYPTDEVNAME}\\s"; then
- echo "Unmounting..."
- umount "$MOUNTPOINT"
- fi
- sync
- if [[ -e "/dev/mapper/${CRYPTDEVNAME}" ]]; then
- echo "Closing crypt device..."
- cryptsetup close ${CRYPTDEVNAME}
- fi
- exit 0
- }
- trap control_c EXIT
- test_cipher aes-cbc-essiv:sha256 128 && \
- test_cipher aes-cbc-essiv:sha256 256 && \
- test_cipher aes-xts-plain64 256 && \
- test_cipher aes-xts-plain64 512 && \
- test_cipher twofish-cbc-essiv:sha256 128 && \
- test_cipher twofish-cbc-essiv:sha256 256 && \
- test_cipher twofish-xts-plain64 256 && \
- test_cipher twofish-xts-plain64 512 && \
- test_cipher serpent-cbc-essiv:sha256 128 && \
- test_cipher serpent-cbc-essiv:sha256 256 && \
- test_cipher serpent-xts-plain64 256 && \
- test_cipher serpent-xts-plain64 512 && \
- true || { echo "ERROR in test"; exit 1; }
- exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement