git.apps.os.sepia.ceph.com Git - xfstests-dev.git/commit

author	Eric Biggers <ebiggers@google.com>
	Thu, 4 Jun 2020 02:25:01 +0000 (19:25 -0700)
committer	Eryu Guan <guaneryu@gmail.com>
	Sun, 21 Jun 2020 14:21:29 +0000 (22:21 +0800)
commit	35fd4ce0b3731876a5b7b2635d423734f6f12b9b
tree	2d5b3c1fca77592c03b3a4bbfb1403994f3f62ff	tree \| snapshot
parent	a1c25b75b456880f64ab30ced0892f7603e4bb3c	commit \| diff

generic: verify ciphertext of IV_INO_LBLK_32 encryption policies

Verify the ciphertext for v2 encryption policies that use the
IV_INO_LBLK_32 flag and that use AES-256-XTS to encrypt file contents
and AES-256-CTS-CBC to encrypt file names.

The IV_INO_LBLK_32 encryption policy flag modifies the IV generation and
key derivation to be optimized for use with inline encryption hardware
that only accepts 32-bit IVs.  It is similar to IV_INO_LBLK_64 (which is
tested by generic/592), but it uses a trick to get the IV down to 32
bits.  For more information, see kernel commit e3b1078bedd3 ("fscrypt:
add support for IV_INO_LBLK_32 policies").

This test required adding SipHash support to fscrypt-crypt-util.

Running this test requires a kernel containing the above commit, e.g.
the latest mainline (which will become v5.8 and later).  For ext4, it
also needs an e2fsprogs version that supports the stable_inodes feature,
e.g. the latest git master branch (which will become v1.46 and later).

Signed-off-by: Eric Biggers <ebiggers@google.com>

common/encrypt		diff \| blob \| history
src/fscrypt-crypt-util.c		diff \| blob \| history
tests/generic/602	[new file with mode: 0755]	blob
tests/generic/602.out	[new file with mode: 0644]	blob
tests/generic/group		diff \| blob \| history