* [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption
@ 2017-01-30 21:36 Eric Biggers
2017-01-30 22:42 ` Theodore Ts'o
0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2017-01-30 21:36 UTC (permalink / raw)
To: Theodore Ts'o; +Cc: fstests, Eric Biggers
From: Eric Biggers <ebiggers@google.com>
We can improve test coverage and simplify the test_dummy_encryption
kernel logic by requiring userspace to add a default master key to the
keyring. Update xfstests-bld to do this. This allows xfstests-bld to
test kernels with the corresponding kernel patch applied ("fscrypt: make
test_dummy_encryption require a keyring key"). It can still test older
kernels too; the key just doesn't get used in that case.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
kvm-xfstests/test-appliance/files/root/fs/ext4/config | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/kvm-xfstests/test-appliance/files/root/fs/ext4/config b/kvm-xfstests/test-appliance/files/root/fs/ext4/config
index 66d2633..23e869c 100644
--- a/kvm-xfstests/test-appliance/files/root/fs/ext4/config
+++ b/kvm-xfstests/test-appliance/files/root/fs/ext4/config
@@ -36,6 +36,19 @@ function setup_mount_opts()
if test -n "$MNTOPTS" ; then
EXT_MOUNT_OPTIONS="$EXT_MOUNT_OPTIONS,$MNTOPTS"
fi
+ if echo "$EXT_MOUNT_OPTIONS" | grep -q test_dummy_encryption; then
+ # Create a new session keyring and add a default master key to it.
+ keyctl new_session > /dev/null
+ local mode='\x00\x00\x00\x00'
+ local raw="$(printf '\\x%02x' $(seq 0 63))"
+ if lscpu | grep -q '^Byte Order:[[:space:]]\+Little Endian$'; then
+ local size='\x40\x00\x00\x00'
+ else
+ local size='\x00\x00\x00\x40'
+ fi
+ echo -n -e "${mode}${raw}${size}" | \
+ keyctl padd logon ext4:4242424242424242 @s > /dev/null
+ fi
}
function get_mkfs_opts()
--
2.11.0.483.g087da7b7c-goog
^ permalink raw reply related [flat|nested] 4+ messages in thread* Re: [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption
2017-01-30 21:36 [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption Eric Biggers
@ 2017-01-30 22:42 ` Theodore Ts'o
2017-01-30 23:03 ` Eric Biggers
0 siblings, 1 reply; 4+ messages in thread
From: Theodore Ts'o @ 2017-01-30 22:42 UTC (permalink / raw)
To: Eric Biggers; +Cc: fstests, Eric Biggers
On Mon, Jan 30, 2017 at 01:36:47PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> We can improve test coverage and simplify the test_dummy_encryption
> kernel logic by requiring userspace to add a default master key to the
> keyring. Update xfstests-bld to do this. This allows xfstests-bld to
> test kernels with the corresponding kernel patch applied ("fscrypt: make
> test_dummy_encryption require a keyring key"). It can still test older
> kernels too; the key just doesn't get used in that case.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
This is upstream already. (commit: ce7ef24b3ef1940)
- Ted
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption
2017-01-30 22:42 ` Theodore Ts'o
@ 2017-01-30 23:03 ` Eric Biggers
2017-01-31 3:56 ` Theodore Ts'o
0 siblings, 1 reply; 4+ messages in thread
From: Eric Biggers @ 2017-01-30 23:03 UTC (permalink / raw)
To: Theodore Ts'o; +Cc: fstests, Eric Biggers
On Mon, Jan 30, 2017 at 05:42:38PM -0500, Theodore Ts'o wrote:
> On Mon, Jan 30, 2017 at 01:36:47PM -0800, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> >
> > We can improve test coverage and simplify the test_dummy_encryption
> > kernel logic by requiring userspace to add a default master key to the
> > keyring. Update xfstests-bld to do this. This allows xfstests-bld to
> > test kernels with the corresponding kernel patch applied ("fscrypt: make
> > test_dummy_encryption require a keyring key"). It can still test older
> > kernels too; the key just doesn't get used in that case.
> >
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
>
> This is upstream already. (commit: ce7ef24b3ef1940)
>
> - Ted
I don't see it. Can you push out what you have, to both the kernel.org and
github repositories?
Eric
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption
2017-01-30 23:03 ` Eric Biggers
@ 2017-01-31 3:56 ` Theodore Ts'o
0 siblings, 0 replies; 4+ messages in thread
From: Theodore Ts'o @ 2017-01-31 3:56 UTC (permalink / raw)
To: Eric Biggers; +Cc: fstests, Eric Biggers
On Mon, Jan 30, 2017 at 03:03:52PM -0800, Eric Biggers wrote:
> On Mon, Jan 30, 2017 at 05:42:38PM -0500, Theodore Ts'o wrote:
> > On Mon, Jan 30, 2017 at 01:36:47PM -0800, Eric Biggers wrote:
> > > From: Eric Biggers <ebiggers@google.com>
> > >
> > > We can improve test coverage and simplify the test_dummy_encryption
> > > kernel logic by requiring userspace to add a default master key to the
> > > keyring. Update xfstests-bld to do this. This allows xfstests-bld to
> > > test kernels with the corresponding kernel patch applied ("fscrypt: make
> > > test_dummy_encryption require a keyring key"). It can still test older
> > > kernels too; the key just doesn't get used in that case.
> > >
> > > Signed-off-by: Eric Biggers <ebiggers@google.com>
> >
> > This is upstream already. (commit: ce7ef24b3ef1940)
> >
> > - Ted
>
> I don't see it. Can you push out what you have, to both the kernel.org and
> github repositories?
Done. (I thought I had, but looks like I had only pushed it out to github somehow).
- Ted
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-01-31 3:56 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-30 21:36 [PATCH v2] xfstests-bld: populate keyring with default key for test_dummy_encryption Eric Biggers
2017-01-30 22:42 ` Theodore Ts'o
2017-01-30 23:03 ` Eric Biggers
2017-01-31 3:56 ` Theodore Ts'o
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox