diff options
author | Eric Biggers <ebiggers@google.com> | 2016-12-15 12:26:22 -0800 |
---|---|---|
committer | Eryu Guan <eguan@redhat.com> | 2016-12-24 16:47:12 +0800 |
commit | 88d1c426f4ea9374f32592e442aad69e3e1a9e16 (patch) | |
tree | bb04b22e3f8452fc70a5ff0a78a17121ad99abf3 | |
parent | b8f280fcdb676b26a1cdf69689e252ba238a2b8b (diff) | |
download | xfstests-dev-88d1c426f4ea9374f32592e442aad69e3e1a9e16.tar.gz |
generic: test validation of encryption policy structure
Add an xfstest which verifies the kernel performs basic validation
of the encryption policy structure.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>
-rwxr-xr-x | tests/generic/396 | 82 | ||||
-rw-r--r-- | tests/generic/396.out | 18 | ||||
-rw-r--r-- | tests/generic/group | 1 |
3 files changed, 101 insertions, 0 deletions
diff --git a/tests/generic/396 b/tests/generic/396 new file mode 100755 index 0000000000..fd39202407 --- /dev/null +++ b/tests/generic/396 @@ -0,0 +1,82 @@ +#! /bin/bash +# FS QA Test generic/396 +# +# Test that FS_IOC_SET_ENCRYPTION_POLICY correctly validates the fscrypt_policy +# structure that userspace passes to it. +# +#----------------------------------------------------------------------- +# Copyright (c) 2016 Google, Inc. All Rights Reserved. +# +# Author: Eric Biggers <ebiggers@google.com> +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +#----------------------------------------------------------------------- +# + +seq=`basename $0` +seqres=$RESULT_DIR/$seq +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! +trap "_cleanup; exit \$status" 0 1 2 3 15 + +_cleanup() +{ + cd / + rm -f $tmp.* +} + +# get standard environment, filters and checks +. ./common/rc +. ./common/filter +. ./common/encrypt + +# remove previous $seqres.full before test +rm -f $seqres.full + +# real QA test starts here +_supported_fs generic +_supported_os Linux +_require_scratch_encryption +_require_xfs_io_command "set_encpolicy" + +_scratch_mkfs_encrypted &>> $seqres.full +_scratch_mount +dir=$SCRATCH_MNT/dir +mkdir $dir + +echo -e "\n*** Invalid contents encryption mode ***" +$XFS_IO_PROG -c "set_encpolicy -c 0xFF" $dir |& _filter_scratch + +echo -e "\n*** Invalid filenames encryption mode ***" +$XFS_IO_PROG -c "set_encpolicy -n 0xFF" $dir |& _filter_scratch + +echo -e "\n*** Invalid flags ***" +$XFS_IO_PROG -c "set_encpolicy -f 0xFF" $dir |& _filter_scratch + +echo -e "\n*** Invalid policy version ***" +$XFS_IO_PROG -c "set_encpolicy -v 0xFF" $dir |& _filter_scratch + +# Currently, the only supported combination of modes is AES-256-XTS for contents +# and AES-256-CTS for filenames. Nothing else should be accepted. +echo -e "\n*** Invalid combinations of modes ***" +$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-CTS" $dir |& _filter_scratch +$XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-XTS" $dir |& _filter_scratch +$XFS_IO_PROG -c "set_encpolicy -c AES-256-XTS -n AES-256-XTS" $dir |& _filter_scratch + +# success, all done +status=0 +exit diff --git a/tests/generic/396.out b/tests/generic/396.out new file mode 100644 index 0000000000..e66d3442cc --- /dev/null +++ b/tests/generic/396.out @@ -0,0 +1,18 @@ +QA output created by 396 + +*** Invalid contents encryption mode *** +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument + +*** Invalid filenames encryption mode *** +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument + +*** Invalid flags *** +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument + +*** Invalid policy version *** +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument + +*** Invalid combinations of modes *** +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument +SCRATCH_MNT/dir: failed to set encryption policy: Invalid argument diff --git a/tests/generic/group b/tests/generic/group index b39e50972c..67a1dc0dbb 100644 --- a/tests/generic/group +++ b/tests/generic/group @@ -398,3 +398,4 @@ 393 auto quick rw 394 auto quick 395 auto quick encrypt +396 auto quick encrypt |