mirror of
https://github.com/linux-apfs/apfstests.git
synced 2026-05-01 15:01:44 -07:00
common/encrypt: check that contents encryption is usable
In _require_encryption_policy_support(), when checking whether the encryption policy is usable, try creating a nonempty file rather than an empty one. This ensures that both the contents and filenames encryption modes are available, rather than just the filenames mode. On f2fs this makes generic/549 be correctly skipped, rather than failed, when run on a kernel built from the latest fscrypt.git tree with CONFIG_CRYPTO_SHA256=n. Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Eryu Guan <guaneryu@gmail.com> Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This commit is contained in:
Eric Biggers
Eryu Guan
+3
-1
@@ -98,7 +98,9 @@ _require_encryption_policy_support()
|
||||
# without kernel crypto API support. E.g. a policy using Adiantum
|
||||
# encryption can be set on a kernel without CONFIG_CRYPTO_ADIANTUM.
|
||||
# But actually trying to use such an encrypted directory will fail.
|
||||
if ! touch $dir/file; then
|
||||
# To reliably check for availability of both the contents and filenames
|
||||
# encryption modes, try creating a nonempty file.
|
||||
if ! echo foo > $dir/file; then
|
||||
_notrun "encryption policy '$set_encpolicy_args' is unusable; probably missing kernel crypto API support"
|
||||
fi
|
||||
$KEYCTL_PROG clear @s
|
||||
|
||||
Reference in New Issue
Block a user