From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>,
linux-fscrypt@vger.kernel.org, linux-ext4@vger.kernel.org,
Daniel Rosenberg <drosen@google.com>,
linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH 2/4] fscrypt: add fscrypt_add_test_dummy_key()
Date: Tue, 12 May 2020 20:55:38 -0400 [thread overview]
Message-ID: <20200513005538.GF1596452@mit.edu> (raw)
In-Reply-To: <20200512233251.118314-3-ebiggers@kernel.org>
On Tue, May 12, 2020 at 04:32:49PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Currently, the test_dummy_encryption mount option (which is used for
> encryption I/O testing with xfstests) uses v1 encryption policies, and
> it relies on userspace inserting a test key into the session keyring.
>
> We need test_dummy_encryption to support v2 encryption policies too.
> Requiring userspace to add the test key doesn't work well with v2
> policies, since v2 policies only support the filesystem keyring (not the
> session keyring), and keys in the filesystem keyring are lost when the
> filesystem is unmounted. Hooking all test code that unmounts and
> re-mounts the filesystem would be difficult.
>
> Instead, let's make the filesystem automatically add the test key to its
> keyring when test_dummy_encryption is enabled.
>
> That puts the responsibility for choosing the test key on the kernel.
> We could just hard-code a key. But out of paranoia, let's first try
> using a per-boot random key, to prevent this code from being misused.
> A per-boot key will work as long as no one expects dummy-encrypted files
> to remain accessible after a reboot. (gce-xfstests doesn't.)
>
> Therefore, this patch adds a function fscrypt_add_test_dummy_key() which
> implements the above. The next patch will use it.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-05-13 0:55 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-12 23:32 [f2fs-dev] [PATCH 0/4] fscrypt: make '-o test_dummy_encryption' support v2 policies Eric Biggers
2020-05-12 23:32 ` [f2fs-dev] [PATCH 1/4] linux/parser.h: add include guards Eric Biggers
2020-05-13 0:53 ` Theodore Y. Ts'o
2020-05-13 3:06 ` Jaegeuk Kim
2020-05-12 23:32 ` [f2fs-dev] [PATCH 2/4] fscrypt: add fscrypt_add_test_dummy_key() Eric Biggers
2020-05-13 0:55 ` Theodore Y. Ts'o [this message]
2020-05-13 3:07 ` Jaegeuk Kim
2020-05-12 23:32 ` [f2fs-dev] [PATCH 3/4] fscrypt: support test_dummy_encryption=v2 Eric Biggers
2020-05-13 3:11 ` Jaegeuk Kim
2020-05-19 2:53 ` Theodore Y. Ts'o
2020-05-19 3:02 ` Eric Biggers
2020-05-19 3:11 ` Eric Biggers
2020-05-19 3:19 ` Jaegeuk Kim
2020-05-19 14:02 ` Theodore Y. Ts'o
2020-05-12 23:32 ` [f2fs-dev] [PATCH 4/4] fscrypt: make test_dummy_encryption use v2 by default Eric Biggers
2020-05-13 3:12 ` Jaegeuk Kim
2020-05-19 2:55 ` Theodore Y. Ts'o
2020-05-20 22:55 ` [f2fs-dev] [PATCH 0/4] fscrypt: make '-o test_dummy_encryption' support v2 policies Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200513005538.GF1596452@mit.edu \
--to=tytso@mit.edu \
--cc=drosen@google.com \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).