generic: test encryption key revocation during concurrent I/O

Add a test which revokes a keyring key while other processes are performing I/O on an encrypted file that was "unlocked" using that key. The crashes unpatched kernels with filesystem encryption enabled. This bug was present in kernels v4.2 and later. It has been fixed in v4.11-rc4, v4.10.7, v4.9.20, and v4.4.59. Cc: Theodore Ts'o <tytso@mit.edu> Cc: Jaegeuk Kim <jaegeuk@kernel.org> Cc: Richard Weinberger <richard@nod.at> Cc: Michael Halcrow <mhalcrow@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Eryu Guan <eguan@redhat.com> Signed-off-by: Eryu Guan <eguan@redhat.com>
2026-05-01 15:01:44 -07:00 · 2017-03-31 12:48:36 -07:00
parent 9d0c046534
commit 98ac3be360
4 changed files with 121 additions and 0 deletions
@@ -144,3 +144,11 @@ _unlink_encryption_key()
 	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
 	$KEYCTL_PROG unlink $keyid >>$seqres.full
 }
+
+# Revoke an encryption key from the keyring, given its key descriptor.
+_revoke_encryption_key()
+{
+	local keydesc=$1
+	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
+	$KEYCTL_PROG revoke $keyid >>$seqres.full
+}