From patchwork Mon Dec 5 19:21:06 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 9461387 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id D35226074E for ; Mon, 5 Dec 2016 19:23:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C130027E71 for ; Mon, 5 Dec 2016 19:23:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B4D2527F9A; Mon, 5 Dec 2016 19:23:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 19C4627F80 for ; Mon, 5 Dec 2016 19:23:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751636AbcLETX1 (ORCPT ); Mon, 5 Dec 2016 14:23:27 -0500 Received: from mail-pf0-f182.google.com ([209.85.192.182]:35064 "EHLO mail-pf0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751605AbcLETXZ (ORCPT ); Mon, 5 Dec 2016 14:23:25 -0500 Received: by mail-pf0-f182.google.com with SMTP id i88so64890089pfk.2 for ; Mon, 05 Dec 2016 11:23:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=7E2pHN+TzdayIJrp42uvRyqilh5jJuBBB5qMJ5yqN0E=; b=FxH084bg32PbBS/rsaqOWclX7yOSZuJ5zEq+hRTGBbxgJWmwIONzrjM/Db9HQuOxZm ku+ou+uhC1I6QA7ASuP86IdYLvNf4rgFH45Q+gFM5ZS8UOl8so1ZWr09ZPWqI2v5pvnR oQhhHaAxyjOrlShnx+wibGqg/xg7tGcLAVveMljhLII8jefEjrDAuBZ22s61HIOuThFX a/4mr3crfUWx3QIce+/QEy5VCccWrAuak70uQdOmVXBSeGgJ/yzKKYEZ63F3u6Cy/aBb 4eo+7QiSfaprL0JjFUP90rOFBIKG9a/hjJ/4eIIzo4eiVPsucoWbhIGlaKHWVZhk+5jE nfag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=7E2pHN+TzdayIJrp42uvRyqilh5jJuBBB5qMJ5yqN0E=; b=Oeurce+llFkueNjYza/uWHI+mNaYuSRglWhJRJZaAayZ8dyeykwpn419mGZsEdgsG0 V7gzRBmmf7vhqkhWy/UCxTR9NcW/GQy2d/VbFe2A5jcFAZgk2IlxwPn3RRbZyDdMKW80 5nZDEezHgK9HhmEiIf24PcqBrqVzJ6f85S/MPDd7Me4IbGUlUHMYmuZROUwNtKeHHn5g zUZxv297lLZMuiVFBwcbw8HQv9nRxrlgQdadcFcjPr3Z4qjPZC5c7FXVrb/ry5Muiqr4 vMgOUimoObjJT7NmVOiL0QQvG8BzZETAuU19mfnfMfoMKBgc6ZX5Ge2M1uFjJQJVvYps Zajg== X-Gm-Message-State: AKaTC01Z9vKZXc8V7l3FrdUZhwX9wTgdyfV9dVEmpjNGrmE9RzfXz1IgWTel5PcysjADEaev X-Received: by 10.84.215.158 with SMTP id l30mr3733609pli.132.1480965804759; Mon, 05 Dec 2016 11:23:24 -0800 (PST) Received: from ebiggers-linuxstation.kir.corp.google.com ([100.119.31.230]) by smtp.gmail.com with ESMTPSA id 16sm29239004pfk.54.2016.12.05.11.23.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 05 Dec 2016 11:23:23 -0800 (PST) From: Eric Biggers To: fstests@vger.kernel.org Cc: Theodore Ts'o , Jaegeuk Kim , Richard Weinberger , David Gstir , Michael Halcrow , Eric Biggers Subject: [PATCH v3 3/6] generic: test validation of encryption policy structure Date: Mon, 5 Dec 2016 11:21:06 -0800 Message-Id: <1480965669-39714-4-git-send-email-ebiggers@google.com> X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020 In-Reply-To: <1480965669-39714-1-git-send-email-ebiggers@google.com> References: <1480965669-39714-1-git-send-email-ebiggers@google.com> Sender: fstests-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: fstests@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Add an xfstest which verifies the kernel performs basic validation of the encryption policy structure. Signed-off-by: Eric Biggers --- tests/generic/401 | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/401.out | 18 +++++++++++ tests/generic/group | 1 + 3 files changed, 102 insertions(+) create mode 100755 tests/generic/401 create mode 100644 tests/generic/401.out diff --git a/tests/generic/401 b/tests/generic/401 new file mode 100755 index 0000000..553c547 --- /dev/null +++ b/tests/generic/401 @@ -0,0 +1,83 @@ +#! /bin/bash +# FS QA Test generic/401 +# +# Test that FS_IOC_SET_ENCRYPTION_POLICY correctly validates the fscrypt_policy +# structure that userspace passes to it. +# +#----------------------------------------------------------------------- +# Copyright (c) 2016 Google, Inc. All Rights Reserved. +# +# Author: Eric Biggers +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +#----------------------------------------------------------------------- +# + +seq=`basename $0` +seqres=$RESULT_DIR/$seq +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! +trap "_cleanup; exit \$status" 0 1 2 3 15 + +_cleanup() +{ + cd / + rm -f $tmp.* +} + +# get standard environment, filters and checks +. ./common/rc +. ./common/filter +. ./common/encrypt + +# remove previous $seqres.full before test +rm -f $seqres.full + +# real QA test starts here +_supported_fs ext4 f2fs +_supported_os Linux +_require_xfs_io_command "set_encpolicy" +_require_scratch +_require_encryption + +_scratch_mkfs_encrypted >> $seqres.full +_scratch_mount +mkdir $SCRATCH_MNT/dir +cd $SCRATCH_MNT + +echo -e "\n*** Invalid contents encryption mode ***" +$XFS_IO_PROG -c "set_encpolicy -c 0xFF" dir + +echo -e "\n*** Invalid filenames encryption mode ***" +$XFS_IO_PROG -c "set_encpolicy -n 0xFF" dir + +echo -e "\n*** Invalid flags ***" +$XFS_IO_PROG -c "set_encpolicy -f 0xFF" dir + +echo -e "\n*** Invalid policy version ***" +$XFS_IO_PROG -c "set_encpolicy -v 0xFF" dir + +# Currently, the only supported combination of modes is AES-256-XTS for contents +# and AES-256-CTS for filenames. Nothing else should be accepted. +echo -e "\n*** Invalid combinations of modes ***" +$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-CTS" dir +$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-XTS" dir +$XFS_IO_PROG -c "set_encpolicy -c AES-256-XTS -n AES-256-XTS" dir + +# success, all done +status=0 +exit diff --git a/tests/generic/401.out b/tests/generic/401.out new file mode 100644 index 0000000..eb6142e --- /dev/null +++ b/tests/generic/401.out @@ -0,0 +1,18 @@ +QA output created by 401 + +*** Invalid contents encryption mode *** +dir: failed to set encryption policy: Invalid argument + +*** Invalid filenames encryption mode *** +dir: failed to set encryption policy: Invalid argument + +*** Invalid flags *** +dir: failed to set encryption policy: Invalid argument + +*** Invalid policy version *** +dir: failed to set encryption policy: Invalid argument + +*** Invalid combinations of modes *** +dir: failed to set encryption policy: Invalid argument +dir: failed to set encryption policy: Invalid argument +dir: failed to set encryption policy: Invalid argument diff --git a/tests/generic/group b/tests/generic/group index e6619ca..a455c29 100644 --- a/tests/generic/group +++ b/tests/generic/group @@ -397,3 +397,4 @@ 392 auto quick metadata 393 auto quick rw 400 auto quick encrypt +401 auto quick encrypt