| Message ID | 20231121223909.4617-5-ebiggers@kernel.org (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | xfstests: test custom crypto data unit size | expand |
On Tue, Nov 21, 2023 at 02:39:09PM -0800, Eric Biggers wrote: > From: Eric Biggers <ebiggers@google.com> > > Add a test that verifies the on-disk format of encrypted files that use > a crypto data unit size that differs from the filesystem block size. > This tests the functionality that was introduced in Linux 6.7 by kernel > commit 5b1188847180 ("fscrypt: support crypto data unit size less than > filesystem block size"). > > This depends on the xfsprogs patch > "xfs_io/encrypt: support specifying crypto data unit size" > (https://lore.kernel.org/r/20231013062639.141468-1-ebiggers@kernel.org) > which adds the '-s' option to the set_encpolicy command of xfs_io. > > As usual, the test skips itself when any prerequisite isn't met. > > Signed-off-by: Eric Biggers <ebiggers@google.com> > --- > tests/generic/900 | 29 +++++++++++++++++++++++++++++ > tests/generic/900.out | 11 +++++++++++ > 2 files changed, 40 insertions(+) > create mode 100755 tests/generic/900 > create mode 100644 tests/generic/900.out > > diff --git a/tests/generic/900 b/tests/generic/900 > new file mode 100755 > index 00000000..8d1b5766 > --- /dev/null > +++ b/tests/generic/900 > @@ -0,0 +1,29 @@ > +#! /bin/bash > +# SPDX-License-Identifier: GPL-2.0 > +# Copyright 2023 Google LLC > +# > +# FS QA Test No. generic/900 > +# > +# Verify the on-disk format of encrypted files that use a crypto data unit size > +# that differs from the filesystem block size. This tests the functionality > +# that was introduced in Linux 6.7 by kernel commit 5b1188847180 > +# ("fscrypt: support crypto data unit size less than filesystem block size"). I'll write this part as: _wants_kernel_commit 5b1188847180 "fscrypt: support crypto data unit size less than filesystem block size" when I merge it. > +# > +. ./common/preamble > +_begin_fstest auto quick encrypt > + > +. ./common/filter > +. ./common/encrypt > + > +_supported_fs generic > + > +# For now, just test 512-byte and 1024-byte data units. Filesystems accept > +# power-of-2 sizes between 512 and the filesystem block size, inclusively. > +# Testing 512 and 1024 ensures this test will run for any FS block size >= 1024 > +# (provided that the filesystem supports sub-block data units at all). > +_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-CTS-CBC v2 log2_dusize=9 Oh, all _require_scratch_... things are in this helper. I was wondering why it doesn't need to _require_scratch :) This patchset looks good to me, tested passed on latest upstream kernel. Thanks for this upgrade. Feel free to ping me, if your patchset be blocked long time. Reviewed-by: Zorro Lang <zlang@redhat.com> > +_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-CTS-CBC v2 log2_dusize=10 > + > +# success, all done > +status=0 > +exit > diff --git a/tests/generic/900.out b/tests/generic/900.out > new file mode 100644 > index 00000000..3259f08c > --- /dev/null > +++ b/tests/generic/900.out > @@ -0,0 +1,11 @@ > +QA output created by 900 > + > +Verifying ciphertext with parameters: > + contents_encryption_mode: AES-256-XTS > + filenames_encryption_mode: AES-256-CTS-CBC > + options: v2 log2_dusize=9 > + > +Verifying ciphertext with parameters: > + contents_encryption_mode: AES-256-XTS > + filenames_encryption_mode: AES-256-CTS-CBC > + options: v2 log2_dusize=10 > -- > 2.42.1 > >
diff --git a/tests/generic/900 b/tests/generic/900 new file mode 100755 index 00000000..8d1b5766 --- /dev/null +++ b/tests/generic/900 @@ -0,0 +1,29 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright 2023 Google LLC +# +# FS QA Test No. generic/900 +# +# Verify the on-disk format of encrypted files that use a crypto data unit size +# that differs from the filesystem block size. This tests the functionality +# that was introduced in Linux 6.7 by kernel commit 5b1188847180 +# ("fscrypt: support crypto data unit size less than filesystem block size"). +# +. ./common/preamble +_begin_fstest auto quick encrypt + +. ./common/filter +. ./common/encrypt + +_supported_fs generic + +# For now, just test 512-byte and 1024-byte data units. Filesystems accept +# power-of-2 sizes between 512 and the filesystem block size, inclusively. +# Testing 512 and 1024 ensures this test will run for any FS block size >= 1024 +# (provided that the filesystem supports sub-block data units at all). +_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-CTS-CBC v2 log2_dusize=9 +_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-CTS-CBC v2 log2_dusize=10 + +# success, all done +status=0 +exit diff --git a/tests/generic/900.out b/tests/generic/900.out new file mode 100644 index 00000000..3259f08c --- /dev/null +++ b/tests/generic/900.out @@ -0,0 +1,11 @@ +QA output created by 900 + +Verifying ciphertext with parameters: + contents_encryption_mode: AES-256-XTS + filenames_encryption_mode: AES-256-CTS-CBC + options: v2 log2_dusize=9 + +Verifying ciphertext with parameters: + contents_encryption_mode: AES-256-XTS + filenames_encryption_mode: AES-256-CTS-CBC + options: v2 log2_dusize=10