git.karo-electronics.de Git - karo-tx-linux.git/commit

author	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:12:17 +0000 (15:12 -0500)
committer	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:39:46 +0000 (15:39 -0500)
commit	5bbdcbbb396196f1c94110ad7a041e90de95c4c2
tree	ecc38d3c7cfd63dec89605e2db99825ce6f91e94	tree \| snapshot
parent	58ae74683ae2c07cd717a91799edb50231061938	commit \| diff

fscrypt: make test_dummy_encryption require a keyring key

Currently, the test_dummy_encryption ext4 mount option, which exists
only to test encrypted I/O paths with xfstests, overrides all
per-inode encryption keys with a fixed key.

This change minimizes test_dummy_encryption-specific code path changes
by supplying a fake context for directories which are not encrypted
for use when creating new directories, files, or symlinks.  This
allows us to properly exercise the keyring lookup, derivation, and
context inheritance code paths.

Before mounting a file system using test_dummy_encryption, userspace
must execute the following shell commands:

    mode='\x00\x00\x00\x00'
    raw="$(printf ""\\\\x%02x"" $(seq 0 63))"
    if lscpu | grep "Byte Order" | grep -q Little ; then
        size='\x40\x00\x00\x00'
    else
        size='\x00\x00\x00\x40'
    fi
    key="${mode}${raw}${size}"
    keyctl new_session
    echo -n -e "${key}" | keyctl padd logon fscrypt:4242424242424242 @s

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fs/crypto/keyinfo.c		diff \| blob \| history
fs/crypto/policy.c		diff \| blob \| history