linux-fscrypt.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
Subject: [PATCH v2 0/9] xfstests: add tests for fscrypt key management improvements
Date: Thu, 19 Sep 2019 17:37:44 -0700	[thread overview]
Message-ID: <20190920003753.40281-1-ebiggers@kernel.org> (raw)

Hello,

This patchset adds xfstests for the new fscrypt ioctls that were merged
for 5.4 (https://git.kernel.org/torvalds/c/734d1ed83e1f9b7b), namely the
new ioctls for managing filesystem encryption keys and the new/updated
ioctls for v2 encryption policy support.  It also includes ciphertext
verification tests for v2 encryption policies.

These tests depend on new xfs_io commands, for which I've sent a
separate patchset for xfsprogs.  They also need a kernel built from the
very latest mainline.  As is usual for xfstests, the tests will skip
themselves if the needed prerequisites aren't met.

Note: currently only ext4, f2fs, and ubifs support encryption.  But I
was told previously that since the fscrypt API is generic and may be
supported by XFS in the future, the command-line wrappers for the
fscrypt ioctls should be in xfs_io rather than in xfstests directly
(https://marc.info/?l=fstests&m=147976255831951&w=2).

This version of the xfstests patchset can also be retrieved from tag
"fscrypt-key-mgmt-improvements_2019-09-19" of
https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/xfstests-dev.git

Changes since v1:

- Addressed comments from Eryu Guan regarding
  _require_encryption_policy_support().

- In generic/801, handle the fsgqa user having part of their key quota
  already consumed before beginning the test, in order to avoid a false
  test failure on some systems.

Eric Biggers (9):
  common/encrypt: disambiguate session encryption keys
  common/encrypt: add helper functions that wrap new xfs_io commands
  common/encrypt: support checking for v2 encryption policy support
  common/encrypt: support verifying ciphertext of v2 encryption policies
  generic: add basic test for fscrypt API additions
  generic: add test for non-root use of fscrypt API additions
  generic: verify ciphertext of v2 encryption policies with AES-256
  generic: verify ciphertext of v2 encryption policies with AES-128
  generic: verify ciphertext of v2 encryption policies with Adiantum

 common/encrypt           | 181 +++++++++++++++++++----
 src/fscrypt-crypt-util.c | 304 ++++++++++++++++++++++++++++++++++-----
 tests/ext4/024           |   2 +-
 tests/generic/397        |   4 +-
 tests/generic/398        |   8 +-
 tests/generic/399        |   4 +-
 tests/generic/419        |   4 +-
 tests/generic/421        |   4 +-
 tests/generic/429        |   8 +-
 tests/generic/435        |   4 +-
 tests/generic/440        |   8 +-
 tests/generic/800        | 127 ++++++++++++++++
 tests/generic/800.out    |  91 ++++++++++++
 tests/generic/801        | 144 +++++++++++++++++++
 tests/generic/801.out    |  62 ++++++++
 tests/generic/802        |  43 ++++++
 tests/generic/802.out    |   6 +
 tests/generic/803        |  43 ++++++
 tests/generic/803.out    |   6 +
 tests/generic/804        |  45 ++++++
 tests/generic/804.out    |  11 ++
 tests/generic/group      |   5 +
 22 files changed, 1028 insertions(+), 86 deletions(-)
 create mode 100755 tests/generic/800
 create mode 100644 tests/generic/800.out
 create mode 100755 tests/generic/801
 create mode 100644 tests/generic/801.out
 create mode 100755 tests/generic/802
 create mode 100644 tests/generic/802.out
 create mode 100755 tests/generic/803
 create mode 100644 tests/generic/803.out
 create mode 100755 tests/generic/804
 create mode 100644 tests/generic/804.out

-- 
2.23.0.351.gc4317032e6-goog

             reply	other threads:[~2019-09-20  0:37 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-20  0:37 Eric Biggers [this message]
2019-09-20  0:37 ` [PATCH v2 1/9] common/encrypt: disambiguate session encryption keys Eric Biggers
2019-09-20  0:37 ` [PATCH v2 2/9] common/encrypt: add helper functions that wrap new xfs_io commands Eric Biggers
2019-09-20  0:37 ` [PATCH v2 3/9] common/encrypt: support checking for v2 encryption policy support Eric Biggers
2019-09-20  0:37 ` [PATCH v2 4/9] common/encrypt: support verifying ciphertext of v2 encryption policies Eric Biggers
2019-09-20  0:37 ` [PATCH v2 5/9] generic: add basic test for fscrypt API additions Eric Biggers
2019-09-20  0:37 ` [PATCH v2 6/9] generic: add test for non-root use of " Eric Biggers
2019-09-20  0:37 ` [PATCH v2 7/9] generic: verify ciphertext of v2 encryption policies with AES-256 Eric Biggers
2019-09-20  0:37 ` [PATCH v2 8/9] generic: verify ciphertext of v2 encryption policies with AES-128 Eric Biggers
2019-09-20  0:37 ` [PATCH v2 9/9] generic: verify ciphertext of v2 encryption policies with Adiantum Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190920003753.40281-1-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=fstests@vger.kernel.org \
    --cc=linux-fscrypt@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).