From: Josef Bacik <josef@toxicpanda.com>
To: fstests@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-btrfs@vger.kernel.org
Cc: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Subject: [PATCH 02/12] common/encrypt: add btrfs to get_encryption_*nonce
Date: Tue, 10 Oct 2023 16:25:55 -0400 [thread overview]
Message-ID: <f751b02bf76ffb24a126016c089dbf04d2e80823.1696969376.git.josef@toxicpanda.com> (raw)
In-Reply-To: <cover.1696969376.git.josef@toxicpanda.com>
From: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Add the modes of getting the encryption nonces, either inode or extent,
to the various get_encryption_nonce functions. For now, no encrypt test
makes a file with more than one extent, so we can just grab the first
extent's nonce for the data nonce; when we write a bigger file test,
we'll need to change that.
Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
---
common/encrypt | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/common/encrypt b/common/encrypt
index 04b6e5ac..fc1c8cc7 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -531,6 +531,17 @@ _get_encryption_file_nonce()
found = 0;
}'
;;
+ btrfs)
+ # Retrieve the fscrypt context for an inode as a hex string.
+ # btrfs prints these like:
+ # item 14 key ($inode FSCRYPT_CTXT_ITEM 0) itemoff 15491 itemsize 40
+ # value: 02010400000000008fabf3dd745d41856e812458cd765bf0140f41d62853f4c0351837daff4dcc8f
+
+ $BTRFS_UTIL_PROG inspect-internal dump-tree $device | \
+ grep -A 1 "key ($inode FSCRYPT_CTXT_ITEM 0)" | \
+ grep --only-matching 'value: [[:xdigit:]]\+' | \
+ tr -d ' \n' | tail -c 32
+ ;;
*)
_fail "_get_encryption_file_nonce() isn't implemented on $FSTYP"
;;
@@ -550,6 +561,23 @@ _get_encryption_data_nonce()
ext4|f2fs)
_get_encryption_file_nonce $device $inode
;;
+ btrfs)
+ # Retrieve the encryption IV of the first file extent in an inode as a hex
+ # string. btrfs prints the file extents (for simple unshared
+ # inodes) like:
+ # item 21 key ($inode EXTENT_DATA 0) itemoff 2534 itemsize 69
+ # generation 7 type 1 (regular)
+ # extent data disk byte 5304320 nr 1048576
+ # extent data offset 0 nr 1048576 ram 1048576
+ # extent compression 0 (none)
+ # extent encryption 161 ((1, 40: context 0201040200000000116a77667261d7422a4b1ed8c427e685edb7a0d370d0c9d40030333033333330))
+
+
+ $BTRFS_UTIL_PROG inspect-internal dump-tree $device | \
+ grep -A 5 "key ($inode EXTENT_DATA 0)" | \
+ grep --only-matching 'context [[:xdigit:]]\+' | \
+ tr -d ' \n' | tail -c 32
+ ;;
*)
_fail "_get_encryption_data_nonce() isn't implemented on $FSTYP"
;;
@@ -572,6 +600,9 @@ _require_get_encryption_nonce_support()
# Otherwise the xattr is incorrectly parsed as v1. But just let
# the test fail in that case, as it was an f2fs-tools bug...
;;
+ btrfs)
+ _require_command "$BTRFS_UTIL_PROG" btrfs
+ ;;
*)
_notrun "_get_encryption_*nonce() isn't implemented on $FSTYP"
;;
--
2.41.0
next prev parent reply other threads:[~2023-10-10 20:26 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-10 20:25 [PATCH 00/12] fstests: fscrypt test updates Josef Bacik
2023-10-10 20:25 ` [PATCH 01/12] common/encrypt: separate data and inode nonces Josef Bacik
2023-10-17 5:20 ` Eric Biggers
2023-10-31 14:13 ` Anand Jain
2023-10-10 20:25 ` Josef Bacik [this message]
2023-10-31 14:15 ` [PATCH 02/12] common/encrypt: add btrfs to get_encryption_*nonce Anand Jain
2023-10-10 20:25 ` [PATCH 03/12] common/encrypt: add btrfs to get_ciphertext_filename Josef Bacik
2023-10-31 14:16 ` Anand Jain
2023-10-10 20:25 ` [PATCH 04/12] common/encrypt: enable making a encrypted btrfs filesystem Josef Bacik
2023-10-31 14:17 ` Anand Jain
2023-10-10 20:25 ` [PATCH 05/12] common/verity: explicitly don't allow btrfs encryption Josef Bacik
2023-10-31 14:18 ` Anand Jain
2023-10-10 20:25 ` [PATCH 06/12] btrfs: add simple test of reflink of encrypted data Josef Bacik
2023-10-31 14:04 ` Anand Jain
2023-10-10 20:26 ` [PATCH 07/12] btrfs: test snapshotting encrypted subvol Josef Bacik
2023-10-31 14:40 ` Anand Jain
2023-10-31 15:39 ` Filipe Manana
2023-11-27 14:16 ` Anand Jain
2023-11-27 15:03 ` Josef Bacik
2023-10-10 20:26 ` [PATCH 08/12] fstests: properly test for v1 encryption policies in encrypt tests Josef Bacik
2023-10-17 5:37 ` Eric Biggers
2023-11-01 11:33 ` Anand Jain
2023-10-10 20:26 ` [PATCH 09/12] fstests: split generic/580 into two tests Josef Bacik
2023-11-02 11:42 ` Anand Jain
2023-11-08 20:25 ` Josef Bacik
2023-11-22 15:41 ` Anand Jain
2023-10-10 20:26 ` [PATCH 10/12] fstests: split generic/581 " Josef Bacik
2023-10-10 20:26 ` [PATCH 11/12] fstests: split generic/613 " Josef Bacik
2023-10-10 20:26 ` [PATCH 12/12] fstest: add a fsstress+fscrypt test Josef Bacik
2023-10-17 5:23 ` Eric Biggers
2023-11-07 10:12 ` Anand Jain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f751b02bf76ffb24a126016c089dbf04d2e80823.1696969376.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=fstests@vger.kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=sweettea-kernel@dorminy.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.