• T
    fscrypt: make test_dummy_encryption require a keyring key · 5bbdcbbb
    Theodore Ts'o 提交于
    Currently, the test_dummy_encryption ext4 mount option, which exists
    only to test encrypted I/O paths with xfstests, overrides all
    per-inode encryption keys with a fixed key.
    
    This change minimizes test_dummy_encryption-specific code path changes
    by supplying a fake context for directories which are not encrypted
    for use when creating new directories, files, or symlinks.  This
    allows us to properly exercise the keyring lookup, derivation, and
    context inheritance code paths.
    
    Before mounting a file system using test_dummy_encryption, userspace
    must execute the following shell commands:
    
        mode='\x00\x00\x00\x00'
        raw="$(printf ""\\\\x%02x"" $(seq 0 63))"
        if lscpu | grep "Byte Order" | grep -q Little ; then
            size='\x40\x00\x00\x00'
        else
            size='\x00\x00\x00\x40'
        fi
        key="${mode}${raw}${size}"
        keyctl new_session
        echo -n -e "${key}" | keyctl padd logon fscrypt:4242424242424242 @s
    Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
    5bbdcbbb
policy.c 6.5 KB