linux-fscrypt.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements
@ 2019-10-15 18:16 Eric Biggers
  2019-10-15 18:16 ` [PATCH v3 1/9] common/encrypt: disambiguate session encryption keys Eric Biggers
                   ` (9 more replies)
  0 siblings, 10 replies; 15+ messages in thread
From: Eric Biggers @ 2019-10-15 18:16 UTC (permalink / raw)
  To: fstests; +Cc: linux-fscrypt

Hello,

This patchset adds xfstests for the new fscrypt functionality that was
merged for 5.4 (https://git.kernel.org/torvalds/c/734d1ed83e1f9b7b),
namely the new ioctls for managing filesystem encryption keys and the
new/updated ioctls for v2 encryption policy support.  It also includes
ciphertext verification tests for v2 encryption policies.

These tests require new xfs_io commands, which are present in the
for-next branch of xfsprogs.  They also need a kernel v5.4-rc1 or later.
As is usual for xfstests, the tests will skip themselves if their
prerequisites aren't met.

Note: currently only ext4, f2fs, and ubifs support encryption.  But I
was told previously that since the fscrypt API is generic and may be
supported by XFS in the future, the command-line wrappers for the
fscrypt ioctls should be in xfs_io rather than in xfstests directly
(https://marc.info/?l=fstests&m=147976255831951&w=2).

This patchset can also be retrieved from tag
"fscrypt-key-mgmt-improvements_2019-10-15" of
https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/xfstests-dev.git

Changes since v2:

- Updated "common/encrypt: disambiguate session encryption keys" to
  rename the new instance of _generate_encryption_key() in generic/576.

Changes since v1:

- Addressed comments from Eryu Guan regarding
  _require_encryption_policy_support().

- In generic/801, handle the fsgqa user having part of their key quota
  already consumed before beginning the test, in order to avoid a false
  test failure on some systems.

Eric Biggers (9):
  common/encrypt: disambiguate session encryption keys
  common/encrypt: add helper functions that wrap new xfs_io commands
  common/encrypt: support checking for v2 encryption policy support
  common/encrypt: support verifying ciphertext of v2 encryption policies
  generic: add basic test for fscrypt API additions
  generic: add test for non-root use of fscrypt API additions
  generic: verify ciphertext of v2 encryption policies with AES-256
  generic: verify ciphertext of v2 encryption policies with AES-128
  generic: verify ciphertext of v2 encryption policies with Adiantum

 common/encrypt           | 181 +++++++++++++++++++----
 src/fscrypt-crypt-util.c | 304 ++++++++++++++++++++++++++++++++++-----
 tests/ext4/024           |   2 +-
 tests/generic/397        |   4 +-
 tests/generic/398        |   8 +-
 tests/generic/399        |   4 +-
 tests/generic/419        |   4 +-
 tests/generic/421        |   4 +-
 tests/generic/429        |   8 +-
 tests/generic/435        |   4 +-
 tests/generic/440        |   8 +-
 tests/generic/576        |   2 +-
 tests/generic/800        | 127 ++++++++++++++++
 tests/generic/800.out    |  91 ++++++++++++
 tests/generic/801        | 144 +++++++++++++++++++
 tests/generic/801.out    |  62 ++++++++
 tests/generic/802        |  43 ++++++
 tests/generic/802.out    |   6 +
 tests/generic/803        |  43 ++++++
 tests/generic/803.out    |   6 +
 tests/generic/804        |  45 ++++++
 tests/generic/804.out    |  11 ++
 tests/generic/group      |   5 +
 23 files changed, 1029 insertions(+), 87 deletions(-)
 create mode 100755 tests/generic/800
 create mode 100644 tests/generic/800.out
 create mode 100755 tests/generic/801
 create mode 100644 tests/generic/801.out
 create mode 100755 tests/generic/802
 create mode 100644 tests/generic/802.out
 create mode 100755 tests/generic/803
 create mode 100644 tests/generic/803.out
 create mode 100755 tests/generic/804
 create mode 100644 tests/generic/804.out

-- 
2.23.0.700.g56cf767bdb-goog

^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2020-01-29  0:45 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-15 18:16 [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements Eric Biggers
2019-10-15 18:16 ` [PATCH v3 1/9] common/encrypt: disambiguate session encryption keys Eric Biggers
2019-10-15 18:16 ` [PATCH v3 2/9] common/encrypt: add helper functions that wrap new xfs_io commands Eric Biggers
2019-10-15 18:16 ` [PATCH v3 3/9] common/encrypt: support checking for v2 encryption policy support Eric Biggers
2019-10-15 18:16 ` [PATCH v3 4/9] common/encrypt: support verifying ciphertext of v2 encryption policies Eric Biggers
2019-10-15 18:16 ` [PATCH v3 5/9] generic: add basic test for fscrypt API additions Eric Biggers
2019-10-15 18:16 ` [PATCH v3 6/9] generic: add test for non-root use of " Eric Biggers
2020-01-19  5:45   ` Murphy Zhou
2020-01-19 18:25     ` Eric Biggers
2020-01-20  2:20       ` Murphy Zhou
2020-01-29  0:45         ` Eric Biggers
2019-10-15 18:16 ` [PATCH v3 7/9] generic: verify ciphertext of v2 encryption policies with AES-256 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 8/9] generic: verify ciphertext of v2 encryption policies with AES-128 Eric Biggers
2019-10-15 18:16 ` [PATCH v3 9/9] generic: verify ciphertext of v2 encryption policies with Adiantum Eric Biggers
2019-10-23 18:00 ` [PATCH v3 0/9] xfstests: add tests for fscrypt key management improvements Eric Biggers

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).