2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright 2019 Google LLC
5 # FS QA Test generic/580
7 # Basic test of the fscrypt filesystem-level encryption keyring
8 # and v2 encryption policies.
12 seqres=$RESULT_DIR/$seq
13 echo "QA output created by $seq"
18 status=1 # failure is the default!
19 trap "_cleanup; exit \$status" 0 1 2 3 15
27 # get standard environment, filters and checks
32 # remove previous $seqres.full before test
35 # real QA test starts here
38 _require_scratch_encryption -v 2
40 _scratch_mkfs_encrypted &>> $seqres.full
43 test_with_policy_version()
47 if (( vers == 1 )); then
48 local keyspec=$TEST_KEY_DESCRIPTOR
49 local add_enckey_args="-d $keyspec"
51 local keyspec=$TEST_KEY_IDENTIFIER
52 local add_enckey_args=""
56 echo "# Setting v$vers encryption policy"
57 _set_encpolicy $dir $keyspec
58 echo "# Getting v$vers encryption policy"
59 _get_encpolicy $dir | _filter_scratch
60 if (( vers == 1 )); then
61 echo "# Getting v1 encryption policy using old ioctl"
62 _get_encpolicy $dir -1 | _filter_scratch
64 echo "# Trying to create file without key added yet"
65 $XFS_IO_PROG -f $dir/file |& _filter_scratch
66 echo "# Getting encryption key status"
67 _enckey_status $SCRATCH_MNT $keyspec
68 echo "# Adding encryption key"
69 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" $add_enckey_args
70 echo "# Creating encrypted file"
71 echo contents > $dir/file
72 echo "# Getting encryption key status"
73 _enckey_status $SCRATCH_MNT $keyspec
74 echo "# Removing encryption key"
75 _rm_enckey $SCRATCH_MNT $keyspec
76 echo "# Getting encryption key status"
77 _enckey_status $SCRATCH_MNT $keyspec
78 echo "# Verifying that the encrypted directory was \"locked\""
79 cat $dir/file |& _filter_scratch
80 cat "$(find $dir -type f)" |& _filter_scratch | cut -d ' ' -f3-
82 # Test removing key with a file open.
83 echo "# Re-adding encryption key"
84 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" $add_enckey_args
85 echo "# Creating another encrypted file"
87 echo "# Removing key while an encrypted file is open"
89 _rm_enckey $SCRATCH_MNT $keyspec
90 echo "# Non-open file should have been evicted"
91 cat $dir/file2 |& _filter_scratch
92 echo "# Open file shouldn't have been evicted"
94 echo "# Key should be in \"incompletely removed\" state"
95 _enckey_status $SCRATCH_MNT $keyspec
96 echo "# Closing file and removing key for real now"
98 _rm_enckey $SCRATCH_MNT $keyspec
99 cat $dir/file |& _filter_scratch
103 _scratch_cycle_mount # Clear all keys
109 test_with_policy_version 1
111 test_with_policy_version 2
113 echo "# Trying to remove absent key"
114 _rm_enckey $SCRATCH_MNT abcdabcdabcdabcd