2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright 2019 Google LLC
5 # FS QA Test generic/580
7 # Basic test of the fscrypt filesystem-level encryption keyring
8 # and v2 encryption policies.
12 seqres=$RESULT_DIR/$seq
13 echo "QA output created by $seq"
18 status=1 # failure is the default!
19 trap "_cleanup; exit \$status" 0 1 2 3 15
27 # get standard environment, filters and checks
32 # remove previous $seqres.full before test
35 # real QA test starts here
37 _require_scratch_encryption -v 2
39 _scratch_mkfs_encrypted &>> $seqres.full
42 test_with_policy_version()
46 if (( vers == 1 )); then
47 local keyspec=$TEST_KEY_DESCRIPTOR
48 local add_enckey_args="-d $keyspec"
50 local keyspec=$TEST_KEY_IDENTIFIER
51 local add_enckey_args=""
55 echo "# Setting v$vers encryption policy"
56 _set_encpolicy $dir $keyspec
57 echo "# Getting v$vers encryption policy"
58 _get_encpolicy $dir | _filter_scratch
59 if (( vers == 1 )); then
60 echo "# Getting v1 encryption policy using old ioctl"
61 _get_encpolicy $dir -1 | _filter_scratch
63 echo "# Trying to create file without key added yet"
64 $XFS_IO_PROG -f $dir/file |& _filter_scratch
65 echo "# Getting encryption key status"
66 _enckey_status $SCRATCH_MNT $keyspec
67 echo "# Adding encryption key"
68 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" $add_enckey_args
69 echo "# Creating encrypted file"
70 echo contents > $dir/file
71 echo "# Getting encryption key status"
72 _enckey_status $SCRATCH_MNT $keyspec
73 echo "# Removing encryption key"
74 _rm_enckey $SCRATCH_MNT $keyspec
75 echo "# Getting encryption key status"
76 _enckey_status $SCRATCH_MNT $keyspec
77 echo "# Verifying that the encrypted directory was \"locked\""
78 cat $dir/file |& _filter_scratch
79 cat "$(find $dir -type f)" |& _filter_scratch | cut -d ' ' -f3-
81 # Test removing key with a file open.
82 echo "# Re-adding encryption key"
83 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" $add_enckey_args
84 echo "# Creating another encrypted file"
86 echo "# Removing key while an encrypted file is open"
88 _rm_enckey $SCRATCH_MNT $keyspec
89 echo "# Non-open file should have been evicted"
90 cat $dir/file2 |& _filter_scratch
91 echo "# Open file shouldn't have been evicted"
93 echo "# Key should be in \"incompletely removed\" state"
94 _enckey_status $SCRATCH_MNT $keyspec
95 echo "# Closing file and removing key for real now"
97 _rm_enckey $SCRATCH_MNT $keyspec
98 cat $dir/file |& _filter_scratch
102 _scratch_cycle_mount # Clear all keys
108 test_with_policy_version 1
110 test_with_policy_version 2
112 echo "# Trying to remove absent key"
113 _rm_enckey $SCRATCH_MNT abcdabcdabcdabcd