From patchwork Thu Dec 15 20:26:21 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 9476849 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 67C286047D for ; Thu, 15 Dec 2016 20:28:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 58F6128848 for ; Thu, 15 Dec 2016 20:28:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4DBB928851; Thu, 15 Dec 2016 20:28:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A2F492884F for ; Thu, 15 Dec 2016 20:28:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753382AbcLOU2Q (ORCPT ); Thu, 15 Dec 2016 15:28:16 -0500 Received: from mail-pg0-f67.google.com ([74.125.83.67]:35533 "EHLO mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753030AbcLOU2P (ORCPT ); Thu, 15 Dec 2016 15:28:15 -0500 Received: by mail-pg0-f67.google.com with SMTP id p66so7196215pga.2 for ; Thu, 15 Dec 2016 12:28:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=lKenYSJPqwcYy/nrmUVtewmC12GMbSsTklWu5VMNhlg=; b=c8DfnhE9UH3Lo+1ypn1yx8/vqYNHSqSOrResHmzqEJJ2yAJDC5FffiZD76M6M5HQYT lisUUHMvCFmOL1AEEwgYaSNZkWulJ1yOSdsWHp/UGYt2izJW1SiZi7+/C5CxaderUvAE hW/C3/mYpJdkk7BomHjxlI+cE/Y2Y+XzeFDZmGgVJ4DmJ35Mm2v8UMWb/pUI1S6l8hEn 68UOm5Mh/MC5uBCwOtcNsZ8XKXeds+vnOIBmhAPgw1H2ipQ5FSxzLZD2zAQTBvsDmcUz Jw0bjb0wLVv5tvTB+FnCitGM12TzZjM2vL4BRIjbUZU3kVrLujU7DppWPXVgTpO3QSNo JVuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=lKenYSJPqwcYy/nrmUVtewmC12GMbSsTklWu5VMNhlg=; b=NvTUb1bfG5O8thl/e6FySdG6QHduzfvVYbqYhejW0gN+l68EDBREB1oLwMvD8G/PaV 2DvLUlgjtCRhyTDJWCnmVhRjfN6yIxrdkQwDE0AADsGoyroSf5IO6e463azDu6Q5YL92 F0JA6IAqu1UIGD8coPUKpPks8mk3vb4fVqtdLhEksCMqqw6xGlaiXaZYaWqIJwvB4086 V+DQ/Q/4tvciiGaJc0h8ZDjBYLhiOmjH2iUEBZQYmnIIJpI1KL7OYIl6E7S1MiNRvFSe +PYq9C22o5GTQRSvUiz7j6WvsfH9r4eXFk3lq25sdqppwJksfrOC1dSYAc+iD8iIFEte 84iA== X-Gm-Message-State: AKaTC01eleHa7BN4pz7Q8cOoyGUv4MqNK5QiA5wB6cy2RuKdLyBPqgZ/PjbynaEp3Im5Cg== X-Received: by 10.99.235.10 with SMTP id t10mr5133749pgh.95.1481833694488; Thu, 15 Dec 2016 12:28:14 -0800 (PST) Received: from ebiggers-linuxstation.kir.corp.google.com ([100.119.30.131]) by smtp.gmail.com with ESMTPSA id z62sm6508174pfz.19.2016.12.15.12.28.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 15 Dec 2016 12:28:14 -0800 (PST) From: Eric Biggers To: fstests@vger.kernel.org Cc: Theodore Ts'o , Jaegeuk Kim , Richard Weinberger , David Gstir , Michael Halcrow , Eric Sandeen , Eric Biggers Subject: [PATCH v4 2/6] generic: test setting and getting encryption policies Date: Thu, 15 Dec 2016 12:26:21 -0800 Message-Id: <1481833585-39148-3-git-send-email-ebiggers3@gmail.com> X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020 In-Reply-To: <1481833585-39148-1-git-send-email-ebiggers3@gmail.com> References: <1481833585-39148-1-git-send-email-ebiggers3@gmail.com> Sender: fstests-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: fstests@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Eric Biggers Several kernel bugs were recently fixed regarding the constraints for setting encryption policies. Add tests for these cases and a few more. Signed-off-by: Eric Biggers --- tests/generic/400 | 135 ++++++++++++++++++++++++++++++++++++++++++++++++++ tests/generic/400.out | 43 ++++++++++++++++ tests/generic/group | 1 + 3 files changed, 179 insertions(+) create mode 100755 tests/generic/400 create mode 100644 tests/generic/400.out diff --git a/tests/generic/400 b/tests/generic/400 new file mode 100755 index 0000000..9dbc024 --- /dev/null +++ b/tests/generic/400 @@ -0,0 +1,135 @@ +#! /bin/bash +# FS QA Test generic/400 +# +# Test setting and getting encryption policies. +# +#----------------------------------------------------------------------- +# Copyright (c) 2016 Google, Inc. All Rights Reserved. +# +# Author: Eric Biggers +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +#----------------------------------------------------------------------- +# + +seq=`basename $0` +seqres=$RESULT_DIR/$seq +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! +trap "_cleanup; exit \$status" 0 1 2 3 15 + +_cleanup() +{ + cd / + rm -f $tmp.* +} + +# get standard environment, filters and checks +. ./common/rc +. ./common/filter +. ./common/encrypt + +# remove previous $seqres.full before test +rm -f $seqres.full + +# real QA test starts here +_supported_fs generic +_supported_os Linux +_require_scratch_encryption +_require_xfs_io_command "get_encpolicy" +_require_xfs_io_command "set_encpolicy" +_require_user + +_scratch_mkfs_encrypted &>> $seqres.full +_scratch_mount + +check_no_policy() +{ + # When a file is unencrypted, FS_IOC_GET_ENCRYPTION_POLICY currently + # fails with ENOENT on ext4 but with ENODATA on f2fs. TODO: it's + # planned to consistently use ENODATA. For now this test accepts both. + $XFS_IO_PROG -c "get_encpolicy" $1 |& + sed -e 's/No such file or directory/No data available/' +} + +# Should be able to set an encryption policy on an empty directory +empty_dir=$SCRATCH_MNT/empty_dir +echo -e "\n*** Setting encryption policy on empty directory ***" +mkdir $empty_dir +check_no_policy $empty_dir |& _filter_scratch +$XFS_IO_PROG -c "set_encpolicy 0000111122223333" $empty_dir +$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch + +# Should be able to set the same policy again, but not a different one. +# TODO: the error code for "already has a different policy" is planned to switch +# from EINVAL to EEXIST. For now this test accepts both. +echo -e "\n*** Setting encryption policy again ***" +$XFS_IO_PROG -c "set_encpolicy 0000111122223333" $empty_dir +$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch +$XFS_IO_PROG -c "set_encpolicy 4444555566667777" $empty_dir |& \ + _filter_scratch | sed -e 's/Invalid argument/File exists/' +$XFS_IO_PROG -c "get_encpolicy" $empty_dir | _filter_scratch + +# Should *not* be able to set an encryption policy on a nonempty directory +nonempty_dir=$SCRATCH_MNT/nonempty_dir +echo -e "\n*** Setting encryption policy on nonempty directory ***" +mkdir $nonempty_dir +touch $nonempty_dir/file +$XFS_IO_PROG -c "set_encpolicy" $nonempty_dir |& _filter_scratch +check_no_policy $nonempty_dir |& _filter_scratch + +# Should *not* be able to set an encryption policy on a nondirectory file, even +# an empty one. Regression test for 002ced4be642: "fscrypto: only allow setting +# encryption policy on directories". +# TODO: the error code for "not a directory" is planned to switch from EINVAL to +# ENOTDIR. For now this test accepts both. +nondirectory=$SCRATCH_MNT/nondirectory +echo -e "\n*** Setting encryption policy on nondirectory ***" +touch $nondirectory +$XFS_IO_PROG -c "set_encpolicy" $nondirectory |& \ + _filter_scratch | sed -e 's/Invalid argument/Not a directory/' +check_no_policy $nondirectory |& _filter_scratch + +# Should *not* be able to set an encryption policy on another user's directory. +# Regression test for 163ae1c6ad62: "fscrypto: add authorization check for +# setting encryption policy". +unauthorized_dir=$SCRATCH_MNT/unauthorized_dir +echo -e "\n*** Setting encryption policy on another user's directory ***" +mkdir $unauthorized_dir +su $qa_user -c "$XFS_IO_PROG -c \"set_encpolicy\" $unauthorized_dir" |& \ + _filter_scratch +check_no_policy $unauthorized_dir |& _filter_scratch + +# Should *not* be able to set an encryption policy on a directory on a +# filesystem mounted readonly. Regression test for ba63f23d69a3: "fscrypto: +# require write access to mount to set encryption policy". Test both a regular +# readonly filesystem and a readonly bind mount of a read-write filesystem. +echo -e "\n*** Setting encryption policy on readonly filesystem ***" +mkdir $SCRATCH_MNT/ro_dir $SCRATCH_MNT/ro_bind_mnt +_scratch_remount ro +$XFS_IO_PROG -c "set_encpolicy" $SCRATCH_MNT/ro_dir |& _filter_scratch +check_no_policy $SCRATCH_MNT/ro_dir |& _filter_scratch +_scratch_remount rw +mount --bind $SCRATCH_MNT $SCRATCH_MNT/ro_bind_mnt +mount -o remount,ro,bind $SCRATCH_MNT/ro_bind_mnt +$XFS_IO_PROG -c "set_encpolicy" $SCRATCH_MNT/ro_bind_mnt/ro_dir |& _filter_scratch +check_no_policy $SCRATCH_MNT/ro_bind_mnt/ro_dir |& _filter_scratch +umount $SCRATCH_MNT/ro_bind_mnt + +# success, all done +status=0 +exit diff --git a/tests/generic/400.out b/tests/generic/400.out new file mode 100644 index 0000000..631c023 --- /dev/null +++ b/tests/generic/400.out @@ -0,0 +1,43 @@ +QA output created by 400 + +*** Setting encryption policy on empty directory *** +SCRATCH_MNT/empty_dir: failed to get encryption policy: No data available +Encryption policy for SCRATCH_MNT/empty_dir: + Policy version: 0 + Master key descriptor: 0000111122223333 + Contents encryption mode: 1 (AES-256-XTS) + Filenames encryption mode: 4 (AES-256-CTS) + Flags: 0x02 + +*** Setting encryption policy again *** +Encryption policy for SCRATCH_MNT/empty_dir: + Policy version: 0 + Master key descriptor: 0000111122223333 + Contents encryption mode: 1 (AES-256-XTS) + Filenames encryption mode: 4 (AES-256-CTS) + Flags: 0x02 +SCRATCH_MNT/empty_dir: failed to set encryption policy: File exists +Encryption policy for SCRATCH_MNT/empty_dir: + Policy version: 0 + Master key descriptor: 0000111122223333 + Contents encryption mode: 1 (AES-256-XTS) + Filenames encryption mode: 4 (AES-256-CTS) + Flags: 0x02 + +*** Setting encryption policy on nonempty directory *** +SCRATCH_MNT/nonempty_dir: failed to set encryption policy: Directory not empty +SCRATCH_MNT/nonempty_dir: failed to get encryption policy: No data available + +*** Setting encryption policy on nondirectory *** +SCRATCH_MNT/nondirectory: failed to set encryption policy: Not a directory +SCRATCH_MNT/nondirectory: failed to get encryption policy: No data available + +*** Setting encryption policy on another user's directory *** +SCRATCH_MNT/unauthorized_dir: failed to set encryption policy: Permission denied +SCRATCH_MNT/unauthorized_dir: failed to get encryption policy: No data available + +*** Setting encryption policy on readonly filesystem *** +SCRATCH_MNT/ro_dir: failed to set encryption policy: Read-only file system +SCRATCH_MNT/ro_dir: failed to get encryption policy: No data available +SCRATCH_MNT/ro_bind_mnt/ro_dir: failed to set encryption policy: Read-only file system +SCRATCH_MNT/ro_bind_mnt/ro_dir: failed to get encryption policy: No data available diff --git a/tests/generic/group b/tests/generic/group index f4af986..e6619ca 100644 --- a/tests/generic/group +++ b/tests/generic/group @@ -396,3 +396,4 @@ 391 auto quick rw 392 auto quick metadata 393 auto quick rw +400 auto quick encrypt