linux-fscrypt.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: fstests@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
Subject: [PATCH v3 1/9] common/encrypt: disambiguate session encryption keys
Date: Tue, 15 Oct 2019 11:16:35 -0700	[thread overview]
Message-ID: <20191015181643.6519-2-ebiggers@kernel.org> (raw)
In-Reply-To: <20191015181643.6519-1-ebiggers@kernel.org>

From: Eric Biggers <ebiggers@google.com>

Rename the helper functions that add/remove keys from the session
keyring, in order to distinguish them from the helper functions I'll be
adding to add/remove keys from the new filesystem-level keyring.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 common/encrypt    | 20 ++++++++++----------
 tests/ext4/024    |  2 +-
 tests/generic/397 |  4 ++--
 tests/generic/398 |  8 ++++----
 tests/generic/399 |  4 ++--
 tests/generic/419 |  4 ++--
 tests/generic/421 |  4 ++--
 tests/generic/429 |  8 ++++----
 tests/generic/435 |  4 ++--
 tests/generic/440 |  8 ++++----
 tests/generic/576 |  2 +-
 11 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/common/encrypt b/common/encrypt
index 06a56ed9..7bbe1936 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -89,7 +89,7 @@ _require_encryption_policy_support()
 	mkdir $dir
 	_require_command "$KEYCTL_PROG" keyctl
 	_new_session_keyring
-	local keydesc=$(_generate_encryption_key)
+	local keydesc=$(_generate_session_encryption_key)
 	if _set_encpolicy $dir $keydesc $set_encpolicy_args \
 		2>&1 >>$seqres.full | egrep -q 'Invalid argument'; then
 		_notrun "kernel does not support encryption policy: '$set_encpolicy_args'"
@@ -153,7 +153,7 @@ _generate_key_descriptor()
 	echo $keydesc
 }
 
-# Generate a raw encryption key, but don't add it to the keyring yet.
+# Generate a raw encryption key, but don't add it to any keyring yet.
 _generate_raw_encryption_key()
 {
 	local raw=""
@@ -166,7 +166,7 @@ _generate_raw_encryption_key()
 
 # Add the specified raw encryption key to the session keyring, using the
 # specified key descriptor.
-_add_encryption_key()
+_add_session_encryption_key()
 {
 	local keydesc=$1
 	local raw=$2
@@ -209,26 +209,26 @@ _add_encryption_key()
 # keyctl program.  It's assumed the caller has already set up a test-scoped
 # session keyring using _new_session_keyring.
 #
-_generate_encryption_key()
+_generate_session_encryption_key()
 {
 	local keydesc=$(_generate_key_descriptor)
 	local raw=$(_generate_raw_encryption_key)
 
-	_add_encryption_key $keydesc $raw
+	_add_session_encryption_key $keydesc $raw
 
 	echo $keydesc
 }
 
 # Unlink an encryption key from the session keyring, given its key descriptor.
-_unlink_encryption_key()
+_unlink_session_encryption_key()
 {
 	local keydesc=$1
 	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
 	$KEYCTL_PROG unlink $keyid >>$seqres.full
 }
 
-# Revoke an encryption key from the keyring, given its key descriptor.
-_revoke_encryption_key()
+# Revoke an encryption key from the session keyring, given its key descriptor.
+_revoke_session_encryption_key()
 {
 	local keydesc=$1
 	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
@@ -412,7 +412,7 @@ _require_get_ciphertext_filename_support()
 		_scratch_mount
 		_new_session_keyring
 
-		local keydesc=$(_generate_encryption_key)
+		local keydesc=$(_generate_session_encryption_key)
 		local dir=$SCRATCH_MNT/test.${FUNCNAME[0]}
 		local file=$dir/$(perl -e 'print "A" x 255')
 		mkdir $dir
@@ -634,7 +634,7 @@ _verify_ciphertext_for_encryption_policy()
 	local raw_key=$(_generate_raw_encryption_key)
 	local keydesc=$(_generate_key_descriptor)
 	_new_session_keyring
-	_add_encryption_key $keydesc $raw_key
+	_add_session_encryption_key $keydesc $raw_key
 	local raw_key_hex=$(echo "$raw_key" | tr -d '\\x')
 
 	echo
diff --git a/tests/ext4/024 b/tests/ext4/024
index a86cc417..95243b70 100755
--- a/tests/ext4/024
+++ b/tests/ext4/024
@@ -53,7 +53,7 @@ _new_session_keyring
 _scratch_mkfs_encrypted &>>$seqres.full
 _scratch_mount
 mkdir $SCRATCH_MNT/edir
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 _set_encpolicy $SCRATCH_MNT/edir $keydesc
 echo foo > $SCRATCH_MNT/edir/file
 inum=$(stat -c '%i' $SCRATCH_MNT/edir/file)
diff --git a/tests/generic/397 b/tests/generic/397
index a97e866b..f2e22950 100755
--- a/tests/generic/397
+++ b/tests/generic/397
@@ -45,7 +45,7 @@ _scratch_mkfs_encrypted &>> $seqres.full
 _scratch_mount
 
 mkdir $SCRATCH_MNT/edir $SCRATCH_MNT/ref_dir
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 _set_encpolicy $SCRATCH_MNT/edir $keydesc
 for dir in $SCRATCH_MNT/edir $SCRATCH_MNT/ref_dir; do
 	touch $dir/empty > /dev/null
@@ -92,7 +92,7 @@ filter_create_errors()
 	    -e 's/Operation not permitted/Required key not available/'
 }
 
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 _scratch_cycle_mount
 
 # Check that unencrypted names aren't there
diff --git a/tests/generic/398 b/tests/generic/398
index d224e021..9727b2de 100755
--- a/tests/generic/398
+++ b/tests/generic/398
@@ -68,8 +68,8 @@ edir1=$SCRATCH_MNT/edir1
 edir2=$SCRATCH_MNT/edir2
 udir=$SCRATCH_MNT/udir
 mkdir $edir1 $edir2 $udir
-keydesc1=$(_generate_encryption_key)
-keydesc2=$(_generate_encryption_key)
+keydesc1=$(_generate_session_encryption_key)
+keydesc2=$(_generate_session_encryption_key)
 _set_encpolicy $edir1 $keydesc1
 _set_encpolicy $edir2 $keydesc2
 touch $edir1/efile1
@@ -141,8 +141,8 @@ rm $edir1/fifo $edir2/fifo $udir/fifo
 # Now test that *without* access to the encrypted key, we cannot use an exchange
 # (cross rename) operation to move a forbidden file into an encrypted directory.
 
-_unlink_encryption_key $keydesc1
-_unlink_encryption_key $keydesc2
+_unlink_session_encryption_key $keydesc1
+_unlink_session_encryption_key $keydesc2
 _scratch_cycle_mount
 efile1=$(find $edir1 -type f)
 efile2=$(find $edir2 -type f)
diff --git a/tests/generic/399 b/tests/generic/399
index dfd8d3c2..b2aaac13 100755
--- a/tests/generic/399
+++ b/tests/generic/399
@@ -61,7 +61,7 @@ dd if=/dev/zero of=$SCRATCH_DEV bs=$((1024 * 1024)) \
 _scratch_mkfs_sized_encrypted $fs_size &>> $seqres.full
 _scratch_mount
 
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 mkdir $SCRATCH_MNT/encrypted_dir
 _set_encpolicy $SCRATCH_MNT/encrypted_dir $keydesc
 
@@ -127,7 +127,7 @@ done
 # memory than the '-9' preset.  The memory needed with our settings will be
 # 64 * 6.5 = 416 MB; see xz(1).
 #
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 _scratch_unmount
 fs_compressed_size=$(head -c $fs_size $SCRATCH_DEV | \
 	xz --lzma2=dict=64M,mf=hc4,mode=fast,nice=16 | \
diff --git a/tests/generic/419 b/tests/generic/419
index 0abbac90..d07aec05 100755
--- a/tests/generic/419
+++ b/tests/generic/419
@@ -47,11 +47,11 @@ _scratch_mkfs_encrypted &>> $seqres.full
 _scratch_mount
 
 mkdir $SCRATCH_MNT/edir
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 _set_encpolicy $SCRATCH_MNT/edir $keydesc
 echo a > $SCRATCH_MNT/edir/a
 echo b > $SCRATCH_MNT/edir/b
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 _scratch_cycle_mount
 
 # Note that because encrypted filenames are unpredictable, this needs to be
diff --git a/tests/generic/421 b/tests/generic/421
index c8cc2dcc..f634a431 100755
--- a/tests/generic/421
+++ b/tests/generic/421
@@ -51,7 +51,7 @@ slice=2
 # Create an encrypted file and sync its data to disk.
 rm -rf $dir
 mkdir $dir
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 _set_encpolicy $dir $keydesc
 $XFS_IO_PROG -f $file -c "pwrite 0 $((nproc*slice))M" -c "fsync" > /dev/null
 
@@ -71,7 +71,7 @@ done
 sleep 1
 
 # Revoke the encryption key.
-keyid=$(_revoke_encryption_key $keydesc)
+keyid=$(_revoke_session_encryption_key $keydesc)
 
 # Now try to open the file again.  In buggy kernels this caused concurrent
 # readers to crash with a NULL pointer dereference during decryption.
diff --git a/tests/generic/429 b/tests/generic/429
index 472fdbd9..6c18c543 100755
--- a/tests/generic/429
+++ b/tests/generic/429
@@ -56,7 +56,7 @@ _new_session_keyring
 keydesc=$(_generate_key_descriptor)
 raw_key=$(_generate_raw_encryption_key)
 mkdir $SCRATCH_MNT/edir
-_add_encryption_key $keydesc $raw_key
+_add_session_encryption_key $keydesc $raw_key
 _set_encpolicy $SCRATCH_MNT/edir $keydesc
 
 # Create two files in the directory: one whose name is valid in the base64
@@ -96,7 +96,7 @@ show_directory_with_key()
 # the correct number of them are listed by readdir, and save them for later.
 echo
 echo "***** Without encryption key *****"
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 _scratch_cycle_mount
 echo "--- Directory listing:"
 ciphertext_names=( $(find $SCRATCH_MNT/edir -mindepth 1 | sort) )
@@ -109,7 +109,7 @@ show_file_contents
 # stale dentries.
 echo
 echo "***** With encryption key *****"
-_add_encryption_key $keydesc $raw_key
+_add_session_encryption_key $keydesc $raw_key
 show_directory_with_key
 
 # Test for ->d_revalidate() race conditions.
@@ -127,7 +127,7 @@ echo "***** After key revocation *****"
 	exec 3<$SCRATCH_MNT/edir
 	exec 4<$SCRATCH_MNT/edir/@@@
 	exec 5<$SCRATCH_MNT/edir/abcd
-	_revoke_encryption_key $keydesc
+	_revoke_session_encryption_key $keydesc
 	show_directory_with_key
 )
 
diff --git a/tests/generic/435 b/tests/generic/435
index 073596f3..f12d2be8 100755
--- a/tests/generic/435
+++ b/tests/generic/435
@@ -50,7 +50,7 @@ _new_session_keyring
 _scratch_mkfs_encrypted &>> $seqres.full
 _scratch_mount
 mkdir $SCRATCH_MNT/edir
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 # -f 0x2: zero-pad to 16-byte boundary (i.e. encryption block boundary)
 _set_encpolicy $SCRATCH_MNT/edir $keydesc -f 0x2
 
@@ -66,7 +66,7 @@ _set_encpolicy $SCRATCH_MNT/edir $keydesc -f 0x2
 seq -f "$SCRATCH_MNT/edir/abcdefghijklmnopqrstuvwxyz012345%.0f" 100000 | xargs touch
 find $SCRATCH_MNT/edir/ -type f | xargs stat -c %i | sort | uniq | wc -l
 
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 _scratch_cycle_mount
 
 # Verify that every file has a unique inode number and can be removed without
diff --git a/tests/generic/440 b/tests/generic/440
index 434286f4..1ec1ed48 100755
--- a/tests/generic/440
+++ b/tests/generic/440
@@ -46,7 +46,7 @@ _scratch_mkfs_encrypted &>> $seqres.full
 _scratch_mount
 keydesc=$(_generate_key_descriptor)
 raw_key=$(_generate_raw_encryption_key)
-_add_encryption_key $keydesc $raw_key
+_add_session_encryption_key $keydesc $raw_key
 
 # Set up an encrypted directory containing a regular file, a subdirectory, and a
 # symlink.
@@ -65,7 +65,7 @@ echo
 echo "***** Parent has key, but child doesn't *****"
 exec 3< $SCRATCH_MNT/edir # pin inode with cached key in memory
 ls $SCRATCH_MNT/edir | sort
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 cat $SCRATCH_MNT/edir/file |& _filter_scratch
 ls $SCRATCH_MNT/edir/subdir
 cat $SCRATCH_MNT/edir/symlink |& _filter_scratch
@@ -79,14 +79,14 @@ exec 3>&-
 # plaintext contents, even though its filename is shown in ciphertext!
 echo
 echo "***** Child has key, but parent doesn't *****"
-_add_encryption_key $keydesc $raw_key
+_add_session_encryption_key $keydesc $raw_key
 mkdir $SCRATCH_MNT/edir2
 _set_encpolicy $SCRATCH_MNT/edir2 $keydesc
 ln $SCRATCH_MNT/edir/file $SCRATCH_MNT/edir2/link
 _scratch_cycle_mount
 cat $SCRATCH_MNT/edir2/link
 exec 3< $SCRATCH_MNT/edir2/link # pin inode with cached key in memory
-_unlink_encryption_key $keydesc
+_unlink_session_encryption_key $keydesc
 stat $SCRATCH_MNT/edir/file |& _filter_scratch
 cat "$(find $SCRATCH_MNT/edir/ -type f)"
 exec 3>&-
diff --git a/tests/generic/576 b/tests/generic/576
index 254199ca..58525295 100755
--- a/tests/generic/576
+++ b/tests/generic/576
@@ -47,7 +47,7 @@ fsv_file=$edir/file.fsv
 
 # Set up an encrypted directory.
 _new_session_keyring
-keydesc=$(_generate_encryption_key)
+keydesc=$(_generate_session_encryption_key)
 mkdir $edir
 _set_encpolicy $edir $keydesc
 
-- 
2.23.0.700.g56cf767bdb-goog

  reply	other threads:[~2019-10-15 18:25 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-15 18:16 [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements Eric Biggers
2019-10-15 18:16 ` Eric Biggers [this message]
2019-10-15 18:16 ` [PATCH v3 2/9] common/encrypt: add helper functions that wrap new xfs_io commands Eric Biggers
2019-10-15 18:16 ` [PATCH v3 3/9] common/encrypt: support checking for v2 encryption policy support Eric Biggers
2019-10-15 18:16 ` [PATCH v3 4/9] common/encrypt: support verifying ciphertext of v2 encryption policies Eric Biggers
2019-10-15 18:16 ` [PATCH v3 5/9] generic: add basic test for fscrypt API additions Eric Biggers
2019-10-15 18:16 ` [PATCH v3 6/9] generic: add test for non-root use of " Eric Biggers
2020-01-19  5:45   ` Murphy Zhou
2020-01-19 18:25     ` Eric Biggers
2020-01-20  2:20       ` Murphy Zhou
2020-01-29  0:45         ` Eric Biggers
2019-10-15 18:16 ` [PATCH v3 7/9] generic: verify ciphertext of v2 encryption policies with AES-256 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 8/9] generic: verify ciphertext of v2 encryption policies with AES-128 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 9/9] generic: verify ciphertext of v2 encryption policies with Adiantum Eric Biggers
2019-10-23 18:00 ` [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191015181643.6519-2-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=fstests@vger.kernel.org \
    --cc=linux-fscrypt@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).