Verify ciphertext for v2 encryption policies that use Adiantum to
encrypt file contents and file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Verify ciphertext for v2 encryption policies that use AES-128-CBC-ESSIV
to encrypt file contents and AES-128-CTS-CBC to encrypt file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Verify ciphertext for v2 encryption policies that use AES-256-XTS to
encrypt file contents and AES-256-CTS-CBC to encrypt file names.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test non-root use of the fscrypt filesystem-level encryption keyring and
v2 encryption policies.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a basic test of the fscrypt filesystem-level encryption keyring and
v2 encryption policies.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Update _verify_ciphertext_for_encryption_policy() to support v2
encryption policies.
This also required adding HKDF-SHA512 support to fscrypt-crypt-util.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Allow passing '-v 2' to _require_scratch_encryption() to check for
v2 encryption policy support on the scratch device, and for xfs_io
support for setting and getting v2 encryption policies.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Wrap the new xfs_io commands 'add_enckey', 'rm_enckey', and
'enckey_status' with helper functions.
Also add _user_do_get_encpolicy(), so that all encryption xfs_io
commands have a _user_do() version.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Rename the helper functions that add/remove keys from the session
keyring, in order to distinguish them from the helper functions I'll
be adding to add/remove keys from the new filesystem-level keyring.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Add a stress test for fs-verity. This tests enabling fs-verity on
multiple files concurrently with concurrent readers on those files
(with reads occurring before, during, and after the fs-verity
enablement), while fsstress is also running on the same filesystem.
I haven't seen any failures from running this on ext4 and f2fs.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Skip the O_DIRECT tests on f2fs when the test_dummy_encryption mount
option is given, for the same reason as given for ext4 in commit
9b154b26e4 ("common/rc: ext4 doesn't support O_DIRECT with
encryption").
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
The test case checks if btrfs can trim adjacent extents across
adjacent block groups boundary correctly.
The test case craft the following extents layout:
| BG1 | BG2 | BG3 |
Bytenr: X-8M X X+512M X+1G X+1G+128M
|//////|//////| | |//|
There is a long existing bug that, when btrfs is trying to trim the
range at [X+512M, X+1G+128M), it will only trim [X+512M, X+1G).
This test case is the regression test for this long existing bug.
It will verify the trimmed bytes by using loopback device backed up
by a file, and checking the bytes used by the file to determine how
many bytes are trimmed.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
xfsprogs prior to commit 2f9a125c3a39 ("xfsprogs: replace
pread64/pwrite64 by equivalent pread/pwrite") will see "pwrite64:
Text file busy" error. Just filter these "pwrite64"s to "pwrite"
with _filter_xfs_io_error.
Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
F2FS supports defragment based on file granularity, adjust test suit
to support f2fs.
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test if btrfs.ko sucessfully identifies and reports the missing
device, if the missed device contians no btrfs magic string.
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Test if btrfs.ko sucessfully identifies and reports the missing
device, if the missed device contians someother btrfs.
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Despite the existing <number>|fua|flush checkpoint, add a new
discard check point to make sure discard is not screwing up things.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This is intensive copy-up test for sparse files, these cases will be
mainly used for regression test of copy-up improvement for sparse
files.
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Chengguang Xu <cgxu519@mykernel.net>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
This test corrupts the filesystem to see what assertions and other
things to get logged, so don't treat that as a failure.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Calling src/<file> without path '$here' may cause the problem that
the file cannot be found.
For example, Running generic/192 with overlayfs(Let ubifs as base
fs) yields the following output:
generic/192 - output mismatch
QA output created by 192
sleep for 5 seconds
test
+./common/rc: line 316: src/t_dir_type: No such file or directory
delta1 is in range
delta2 is in range
...
When the use case fails, the call stack in generic/192 is:
local unknowns=$(src/t_dir_type $dir u | wc -l) common/rc
_supports_filetype common/rc
_overlay_mount common/overlay
_overlay_test_mount common/overlay
_test_mount common/rc
_test_cycle_mount generic/192
Before _test_cycle_mount() being invoked, generic/192 executed 'cd
/' to change work dir from 'xfstests-dev' to '/', so src/t_dir_type
was not found.
[Eryu: some tests run src/<file> as regular user, don't add $here
prefix in such case, as a regular user may have no search permission
on $here]
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
On old kernel, since commit ded188b860 ("xfs: Fix the situation
that mount operation rejects corrupted XFS") running this case got
the mismatched output, as below:
-----------------------------------
+ check fs
+ corrupt image
+ mount image && modify files
-broken: 1
+broken: 0
+ repair fs
+ mount image (2)
------------------------------------
It fails because the broken is always equal to 0 when
_try_scratch_mount succeed. So remove this wrong assignment
operation.
Signed-off-by: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
NFS v4.2 supports SEEK_DATA and SEEK_HOLE, but earlier versions do
not. As a result, the test exits and runs the cleanup function
without the $BASE_TEST_FILE variable set and the shell expands it to
"rm -f .*", deleting all hidden files in the current directory.
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Rename-overwrites over NFS work with a "silly rename" over the
network, so the nlink count stays at 1 instead of dropping to 0.
This is expected behavior for NFS, so we should use a different
golden output file to account for this.
See the NFS faq at: nfs.sourceforge.net/#faq_d2 for more
information about silly renames.
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Eric Biggers
Qu Wenruo
Yang Xu
Chao Yu
Anand Jain
Deepa Dinamani
Chengguang Xu
Darrick J. Wong
Zhihao Cheng
Anna Schumaker