git.baikalelectronics.ru Git - kernel.git/commit

author	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:12:17 +0000 (15:12 -0500)
committer	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:39:46 +0000 (15:39 -0500)
commit	1893b87a300c78c96216d43eb36f47152b440234
tree	ecc38d3c7cfd63dec89605e2db99825ce6f91e94	tree \| snapshot
parent	6f66a73ccf3b9900312f1eb433e0808a213b8421	commit \| diff

fscrypt: make test_dummy_encryption require a keyring key

Currently, the test_dummy_encryption ext4 mount option, which exists
only to test encrypted I/O paths with xfstests, overrides all
per-inode encryption keys with a fixed key.

This change minimizes test_dummy_encryption-specific code path changes
by supplying a fake context for directories which are not encrypted
for use when creating new directories, files, or symlinks.  This
allows us to properly exercise the keyring lookup, derivation, and
context inheritance code paths.

Before mounting a file system using test_dummy_encryption, userspace
must execute the following shell commands:

    mode='\x00\x00\x00\x00'
    raw="$(printf ""\\\\x%02x"" $(seq 0 63))"
    if lscpu | grep "Byte Order" | grep -q Little ; then
        size='\x40\x00\x00\x00'
    else
        size='\x00\x00\x00\x40'
    fi
    key="${mode}${raw}${size}"
    keyctl new_session
    echo -n -e "${key}" | keyctl padd logon fscrypt:4242424242424242 @s

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fs/crypto/keyinfo.c		diff \| blob \| history
fs/crypto/policy.c		diff \| blob \| history