2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright (c) 2016 Google, Inc. All Rights Reserved.
5 # FS QA Test generic/396
7 # Test that FS_IOC_SET_ENCRYPTION_POLICY correctly validates the fscrypt_policy
8 # structure that userspace passes to it.
11 seqres=$RESULT_DIR/$seq
12 echo "QA output created by $seq"
16 status=1 # failure is the default!
17 trap "_cleanup; exit \$status" 0 1 2 3 15
25 # get standard environment, filters and checks
30 # remove previous $seqres.full before test
33 # real QA test starts here
36 _require_scratch_encryption
37 _require_xfs_io_command "set_encpolicy"
39 _scratch_mkfs_encrypted &>> $seqres.full
44 echo -e "\n*** Invalid contents encryption mode ***"
45 $XFS_IO_PROG -c "set_encpolicy -c 0xFF" $dir |& _filter_scratch
47 echo -e "\n*** Invalid filenames encryption mode ***"
48 $XFS_IO_PROG -c "set_encpolicy -n 0xFF" $dir |& _filter_scratch
50 echo -e "\n*** Invalid flags ***"
51 $XFS_IO_PROG -c "set_encpolicy -f 0xFF" $dir |& _filter_scratch
53 echo -e "\n*** Invalid policy version ***"
54 $XFS_IO_PROG -c "set_encpolicy -v 0xFF" $dir |& _filter_scratch
56 # Currently, the only supported combination of modes is AES-256-XTS for contents
57 # and AES-256-CTS for filenames. Nothing else should be accepted.
58 echo -e "\n*** Invalid combinations of modes ***"
59 $XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-CTS" $dir |& _filter_scratch
60 $XFS_IO_PROG -c "set_encpolicy -c AES-256-CTS -n AES-256-XTS" $dir |& _filter_scratch
61 $XFS_IO_PROG -c "set_encpolicy -c AES-256-XTS -n AES-256-XTS" $dir |& _filter_scratch