2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright 2020 Google LLC
7 # Regression test for a bug in the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl fixed by
8 # commit 2b4eae95c736 ("fscrypt: don't evict dirty inodes after removing key").
9 # This bug could cause writes to encrypted files to be lost if they raced with
10 # the corresponding fscrypt master key being removed. With f2fs, this bug could
11 # also crash the kernel.
14 seqres=$RESULT_DIR/$seq
15 echo "QA output created by $seq"
19 status=1 # failure is the default!
20 trap "_cleanup; exit \$status" 0 1 2 3 15
24 # Stop all subprocesses.
31 # get standard environment, filters and checks
36 # remove previous $seqres.full before test
39 # real QA test starts here
42 _require_scratch_encryption -v 2
43 _require_command "$KEYCTL_PROG" keyctl
45 _scratch_mkfs_encrypted &>> $seqres.full
49 runtime=$((4 * TIME_FACTOR))
51 # Create an encrypted directory.
53 _set_encpolicy $dir $TEST_KEY_IDENTIFIER
54 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY"
56 # Start with a single-threaded reproducer:
57 echo -e "\n# Single-threaded reproducer"
58 # Keep a fd open to a file past its fscrypt master key being removed.
60 _rm_enckey $SCRATCH_MNT $TEST_KEY_IDENTIFIER
61 # Write to and close the open fd.
64 # Drop any dentries which might be pinning the inode for "file".
65 echo 2 > /proc/sys/vm/drop_caches
66 # In buggy kernels, the inode for "file" was evicted despite the dirty data,
67 # causing the dirty data to be lost. Check whether the write made it through.
68 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY"
72 # Also run a multi-threaded reproducer. This is included for good measure, as
73 # this type of thing tends to be good for finding other bugs too.
74 echo -e "\n# Multi-threaded reproducer"
77 # One process add/removes the encryption key repeatedly.
79 while [ ! -e $tmp.done ]; do
80 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" > /dev/null
81 _rm_enckey $SCRATCH_MNT $TEST_KEY_IDENTIFIER &> /dev/null
85 # Another process repeatedly tries to append to the encrypted file. The file is
86 # re-opened each time, so that there are chances for the inode to be evicted.
87 # Failures to open the file due to the key being removed are ignored.
90 while [ ! -e $tmp.done ]; do
91 if sh -c "echo -n X >> $dir/file" 2>/dev/null; then
92 # Keep track of the expected file contents.
93 echo -n X >> $tmp.expected
101 # Stop all subprocesses.
105 # Make sure no writes were lost.
106 _add_enckey $SCRATCH_MNT "$TEST_RAW_KEY" > /dev/null
107 stat $tmp.expected >> $seqres.full
108 stat $dir/file >> $seqres.full
109 cmp $tmp.expected $dir/file
111 echo "Multi-threaded reproducer done"