git.baikalelectronics.ru Git - kernel.git/commit

author	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:12:17 +0000 (15:12 -0500)
committer	Theodore Ts'o <tytso@mit.edu>
	Mon, 2 Jan 2017 20:39:46 +0000 (15:39 -0500)
commit	e87be8f07fb8549c1ea0a188b937bdcfc776812f
tree	ecc38d3c7cfd63dec89605e2db99825ce6f91e94	tree \| snapshot
parent	72cce7b953ea6f76de2d4b0c3278f1e742ab04a7	commit \| diff

fscrypt: make test_dummy_encryption require a keyring key

Currently, the test_dummy_encryption ext4 mount option, which exists
only to test encrypted I/O paths with xfstests, overrides all
per-inode encryption keys with a fixed key.

This change minimizes test_dummy_encryption-specific code path changes
by supplying a fake context for directories which are not encrypted
for use when creating new directories, files, or symlinks.  This
allows us to properly exercise the keyring lookup, derivation, and
context inheritance code paths.

Before mounting a file system using test_dummy_encryption, userspace
must execute the following shell commands:

    mode='\x00\x00\x00\x00'
    raw="$(printf ""\\\\x%02x"" $(seq 0 63))"
    if lscpu | grep "Byte Order" | grep -q Little ; then
        size='\x40\x00\x00\x00'
    else
        size='\x00\x00\x00\x40'
    fi
    key="${mode}${raw}${size}"
    keyctl new_session
    echo -n -e "${key}" | keyctl padd logon fscrypt:4242424242424242 @s

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fs/crypto/keyinfo.c		diff \| blob \| history
fs/crypto/policy.c		diff \| blob \| history