#
# _require_scratch_encryption [-c CONTENTS_MODE] [-n FILENAMES_MODE]
-# [-v POLICY_VERSION]
+# [-f POLICY_FLAGS] [-v POLICY_VERSION]
#
# Require encryption support on the scratch device.
#
local mnt=$1
local dir=$mnt/tmpdir
local set_encpolicy_args=""
+ local policy_flags=0
local policy_version=1
local c
OPTIND=2
- while getopts "c:n:v:" c; do
+ while getopts "c:n:f:v:" c; do
case $c in
c|n)
set_encpolicy_args+=" -$c $OPTARG"
;;
+ f)
+ set_encpolicy_args+=" -$c $OPTARG"
+ policy_flags=$OPTARG
+ ;;
v)
set_encpolicy_args+=" -$c $OPTARG"
policy_version=$OPTARG
echo "Checking whether kernel supports encryption policy: $set_encpolicy_args" \
>> $seqres.full
+ if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then
+ _scratch_unmount
+ _scratch_mkfs_stable_inodes_encrypted &>> $seqres.full
+ _scratch_mount
+ fi
+
mkdir $dir
if (( policy_version > 1 )); then
_require_xfs_io_command "get_encpolicy" "-t"
esac
}
+# Like _scratch_mkfs_encrypted(), but add -O stable_inodes if applicable for the
+# filesystem type. This is necessary for using encryption policies that include
+# the inode number in the IVs, e.g. policies with the IV_INO_LBLK_64 flag set.
+_scratch_mkfs_stable_inodes_encrypted()
+{
+ case $FSTYP in
+ ext4)
+ if ! _scratch_mkfs -O encrypt -O stable_inodes; then
+ _notrun "-O stable_inodes is not supported"
+ fi
+ ;;
+ *)
+ _scratch_mkfs_encrypted
+ ;;
+ esac
+}
+
# Give the invoking shell a new session keyring. This makes any keys we add to
# the session keyring scoped to the lifetime of the test script.
_new_session_keyring()
local set_encpolicy_args=$4
local keyspec=$5
local raw_key_hex=$6
- local crypt_cmd="$here/src/fscrypt-crypt-util $7"
+ local crypt_contents_cmd="$here/src/fscrypt-crypt-util $7"
+ local crypt_filename_cmd="$here/src/fscrypt-crypt-util $8"
local blocksize=$(_get_block_size $SCRATCH_MNT)
local test_contents_files=()
read -r src inode blocklist <<< "$f"
nonce=$(_get_encryption_nonce $SCRATCH_DEV $inode)
_dump_ciphertext_blocks $SCRATCH_DEV $blocklist > $tmp.actual_contents
- $crypt_cmd $contents_encryption_mode $raw_key_hex \
+ $crypt_contents_cmd $contents_encryption_mode $raw_key_hex \
--file-nonce=$nonce --block-size=$blocksize \
- < $src > $tmp.expected_contents
+ --inode-number=$inode < $src > $tmp.expected_contents
if ! cmp $tmp.expected_contents $tmp.actual_contents; then
_fail "Expected encrypted contents != actual encrypted contents. File: $f"
fi
- $crypt_cmd $contents_encryption_mode $raw_key_hex --decrypt \
- --file-nonce=$nonce --block-size=$blocksize \
+ $crypt_contents_cmd $contents_encryption_mode $raw_key_hex \
+ --decrypt --file-nonce=$nonce --block-size=$blocksize \
+ --inode-number=$inode \
< $tmp.actual_contents > $tmp.decrypted_contents
if ! cmp $src $tmp.decrypted_contents; then
_fail "Contents decryption sanity check failed. File: $f"
_get_ciphertext_filename $SCRATCH_DEV $inode $dir_inode \
> $tmp.actual_name
echo -n "$name" | \
- $crypt_cmd $filenames_encryption_mode $raw_key_hex \
- --file-nonce=$nonce --padding=$padding \
- --block-size=255 > $tmp.expected_name
+ $crypt_filename_cmd $filenames_encryption_mode \
+ $raw_key_hex --file-nonce=$nonce --padding=$padding \
+ --block-size=255 --inode-number=$dir_inode \
+ > $tmp.expected_name
if ! cmp $tmp.expected_name $tmp.actual_name; then
_fail "Expected encrypted filename != actual encrypted filename. File: $f"
fi
- $crypt_cmd $filenames_encryption_mode $raw_key_hex --decrypt \
- --file-nonce=$nonce --padding=$padding \
- --block-size=255 < $tmp.actual_name \
- > $tmp.decrypted_name
+ $crypt_filename_cmd $filenames_encryption_mode $raw_key_hex \
+ --decrypt --file-nonce=$nonce --padding=$padding \
+ --block-size=255 --inode-number=$dir_inode \
+ < $tmp.actual_name > $tmp.decrypted_name
decrypted_name=$(tr -d '\0' < $tmp.decrypted_name)
if [ "$name" != "$decrypted_name" ]; then
_fail "Filename decryption sanity check failed ($name != $decrypted_name). File: $f"
done
}
+# fscrypt UAPI constants (see <linux/fscrypt.h>)
+
+FSCRYPT_MODE_AES_256_XTS=1
+FSCRYPT_MODE_AES_256_CTS=4
+FSCRYPT_MODE_AES_128_CBC=5
+FSCRYPT_MODE_AES_128_CTS=6
+FSCRYPT_MODE_ADIANTUM=9
+
+FSCRYPT_POLICY_FLAG_DIRECT_KEY=0x04
+FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64=0x08
+
_fscrypt_mode_name_to_num()
{
local name=$1
case "$name" in
- AES-256-XTS) echo 1 ;; # FS_ENCRYPTION_MODE_AES_256_XTS
- AES-256-CTS-CBC) echo 4 ;; # FS_ENCRYPTION_MODE_AES_256_CTS
- AES-128-CBC-ESSIV) echo 5 ;; # FS_ENCRYPTION_MODE_AES_128_CBC
- AES-128-CTS-CBC) echo 6 ;; # FS_ENCRYPTION_MODE_AES_128_CTS
- Adiantum) echo 9 ;; # FS_ENCRYPTION_MODE_ADIANTUM
+ AES-256-XTS) echo $FSCRYPT_MODE_AES_256_XTS ;;
+ AES-256-CTS-CBC) echo $FSCRYPT_MODE_AES_256_CTS ;;
+ AES-128-CBC-ESSIV) echo $FSCRYPT_MODE_AES_128_CBC ;;
+ AES-128-CTS-CBC) echo $FSCRYPT_MODE_AES_128_CTS ;;
+ Adiantum) echo $FSCRYPT_MODE_ADIANTUM ;;
*) _fail "Unknown fscrypt mode: $name" ;;
esac
}
# policy of the specified type is used.
#
# The first two parameters are the contents and filenames encryption modes to
-# test. Optionally, also specify 'direct' to test the DIRECT_KEY flag, and/or
-# 'v2' to test v2 policies.
+# test. The following optional parameters are also accepted to further modify
+# the type of encryption policy that is tested:
+#
+# 'v2': test a v2 encryption policy
+# 'direct': test the DIRECT_KEY policy flag
+# 'iv_ino_lblk_64': test the IV_INO_LBLK_64 policy flag
+#
_verify_ciphertext_for_encryption_policy()
{
local contents_encryption_mode=$1
local policy_flags=0
local set_encpolicy_args=""
local crypt_util_args=""
+ local crypt_util_contents_args=""
+ local crypt_util_filename_args=""
shift 2
for opt; do
$filenames_encryption_mode ]; then
_fail "For direct key mode, contents and filenames modes must match"
fi
- (( policy_flags |= 0x04 )) # FS_POLICY_FLAG_DIRECT_KEY
+ (( policy_flags |= FSCRYPT_POLICY_FLAG_DIRECT_KEY ))
+ ;;
+ iv_ino_lblk_64)
+ (( policy_flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 ))
;;
*)
_fail "Unknown option '$opt' passed to ${FUNCNAME[0]}"
if (( policy_version > 1 )); then
set_encpolicy_args+=" -v 2"
crypt_util_args+=" --kdf=HKDF-SHA512"
- if (( policy_flags & 0x04 )); then
+ if (( policy_flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY )); then
+ if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then
+ _fail "'direct' and 'iv_ino_lblk_64' options are mutually exclusive"
+ fi
crypt_util_args+=" --mode-num=$contents_mode_num"
+ elif (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then
+ crypt_util_args+=" --iv-ino-lblk-64"
+ crypt_util_contents_args+=" --mode-num=$contents_mode_num"
+ crypt_util_filename_args+=" --mode-num=$filenames_mode_num"
fi
else
- if (( policy_flags & 0x04 )); then
+ if (( policy_flags & ~FSCRYPT_POLICY_FLAG_DIRECT_KEY )); then
+ _fail "unsupported flags for v1 policy: $policy_flags"
+ fi
+ if (( policy_flags & FSCRYPT_POLICY_FLAG_DIRECT_KEY )); then
crypt_util_args+=" --kdf=none"
else
crypt_util_args+=" --kdf=AES-128-ECB"
fi
set_encpolicy_args=${set_encpolicy_args# }
- _require_scratch_encryption $set_encpolicy_args
+ _require_scratch_encryption $set_encpolicy_args -f $policy_flags
_require_test_program "fscrypt-crypt-util"
_require_xfs_io_command "fiemap"
_require_get_encryption_nonce_support
fi
echo "Creating encryption-capable filesystem" >> $seqres.full
- _scratch_mkfs_encrypted &>> $seqres.full
+ if (( policy_flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 )); then
+ _scratch_mkfs_stable_inodes_encrypted &>> $seqres.full
+ else
+ _scratch_mkfs_encrypted &>> $seqres.full
+ fi
_scratch_mount
+ crypt_util_args+=" --fs-uuid=$(blkid -s UUID -o value $SCRATCH_DEV | tr -d -)"
+
+ crypt_util_contents_args+="$crypt_util_args"
+ crypt_util_filename_args+="$crypt_util_args"
+
echo "Generating encryption key" >> $seqres.full
local raw_key=$(_generate_raw_encryption_key)
if (( policy_version > 1 )); then
"$set_encpolicy_args" \
"$keyspec" \
"$raw_key_hex" \
- "$crypt_util_args"
+ "$crypt_util_contents_args" \
+ "$crypt_util_filename_args"
}