From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
Subject: Re: [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements
Date: Wed, 23 Oct 2019 11:00:37 -0700 [thread overview]
Message-ID: <20191023180035.GA208503@gmail.com> (raw)
In-Reply-To: <20191015181643.6519-1-ebiggers@kernel.org>
On Tue, Oct 15, 2019 at 11:16:34AM -0700, Eric Biggers wrote:
> Hello,
>
> This patchset adds xfstests for the new fscrypt functionality that was
> merged for 5.4 (https://git.kernel.org/torvalds/c/734d1ed83e1f9b7b),
> namely the new ioctls for managing filesystem encryption keys and the
> new/updated ioctls for v2 encryption policy support. It also includes
> ciphertext verification tests for v2 encryption policies.
>
> These tests require new xfs_io commands, which are present in the
> for-next branch of xfsprogs. They also need a kernel v5.4-rc1 or later.
> As is usual for xfstests, the tests will skip themselves if their
> prerequisites aren't met.
>
> Note: currently only ext4, f2fs, and ubifs support encryption. But I
> was told previously that since the fscrypt API is generic and may be
> supported by XFS in the future, the command-line wrappers for the
> fscrypt ioctls should be in xfs_io rather than in xfstests directly
> (https://marc.info/?l=fstests&m=147976255831951&w=2).
>
> This patchset can also be retrieved from tag
> "fscrypt-key-mgmt-improvements_2019-10-15" of
> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/xfstests-dev.git
>
> Changes since v2:
>
> - Updated "common/encrypt: disambiguate session encryption keys" to
> rename the new instance of _generate_encryption_key() in generic/576.
>
> Changes since v1:
>
> - Addressed comments from Eryu Guan regarding
> _require_encryption_policy_support().
>
> - In generic/801, handle the fsgqa user having part of their key quota
> already consumed before beginning the test, in order to avoid a false
> test failure on some systems.
>
> Eric Biggers (9):
> common/encrypt: disambiguate session encryption keys
> common/encrypt: add helper functions that wrap new xfs_io commands
> common/encrypt: support checking for v2 encryption policy support
> common/encrypt: support verifying ciphertext of v2 encryption policies
> generic: add basic test for fscrypt API additions
> generic: add test for non-root use of fscrypt API additions
> generic: verify ciphertext of v2 encryption policies with AES-256
> generic: verify ciphertext of v2 encryption policies with AES-128
> generic: verify ciphertext of v2 encryption policies with Adiantum
>
Does anyone have any more comments on these tests?
- Eric
prev parent reply other threads:[~2019-10-23 18:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-15 18:16 [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements Eric Biggers
2019-10-15 18:16 ` [PATCH v3 1/9] common/encrypt: disambiguate session encryption keys Eric Biggers
2019-10-15 18:16 ` [PATCH v3 2/9] common/encrypt: add helper functions that wrap new xfs_io commands Eric Biggers
2019-10-15 18:16 ` [PATCH v3 3/9] common/encrypt: support checking for v2 encryption policy support Eric Biggers
2019-10-15 18:16 ` [PATCH v3 4/9] common/encrypt: support verifying ciphertext of v2 encryption policies Eric Biggers
2019-10-15 18:16 ` [PATCH v3 5/9] generic: add basic test for fscrypt API additions Eric Biggers
2019-10-15 18:16 ` [PATCH v3 6/9] generic: add test for non-root use of " Eric Biggers
2020-01-19 5:45 ` Murphy Zhou
2020-01-19 18:25 ` Eric Biggers
2020-01-20 2:20 ` Murphy Zhou
2020-01-29 0:45 ` Eric Biggers
2019-10-15 18:16 ` [PATCH v3 7/9] generic: verify ciphertext of v2 encryption policies with AES-256 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 8/9] generic: verify ciphertext of v2 encryption policies with AES-128 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 9/9] generic: verify ciphertext of v2 encryption policies with Adiantum Eric Biggers
2019-10-23 18:00 ` Eric Biggers [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191023180035.GA208503@gmail.com \
--to=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.