Google Git
Sign in
kernel/pub/scm/linux/kernel/git/jlayton/xfstests-dev/refs/heads/fscrypt^!/.
commit
0448d49e1b680111473abfb4869e6574ce684279
[log]
author
Luís Henriques <lhenriques@suse.de>
Mon Apr 04 11:25:54 2022 +0100
committer
Jeff Layton <jlayton@kernel.org>
Mon Apr 04 07:07:56 2022 -0400
tree
bacf9328f83d10606863658655a50da7c0371808
parent
cc001a308548a549740c0f9af3c8b6efd16cb71e [diff]
common/encrypt: allow the use of 'fscrypt:' as key prefix

fscrypt keys have used the $FSTYP as prefix.  However this format is being
deprecated -- newer kernels already allow the usage of the generic
'fscrypt:' prefix for ext4 and f2fs.  This patch allows the usage of this
new prefix for testing filesystems that have never supported the old
format, but keeping the $FSTYP prefix for filesystems that support it, so
that old kernels can be tested.

Signed-off-by: Luís Henriques <lhenriques@suse.de>
Signed-off-by: Jeff Layton <jlayton@kernel.org>

diff --git a/common/encrypt b/common/encrypt
index 7014f8f..6a8873f 100644
--- a/common/encrypt
+++ b/common/encrypt

@@ -254,6 +254,24 @@
 	fi
 }
 
+# Keys are named $FSTYP:KEYDESC where KEYDESC is the 16-character key descriptor
+# hex string.  Newer kernels (ext4 4.8 and later, f2fs 4.6 and later) also allow
+# the common key prefix "fscrypt:" in addition to their filesystem-specific key
+# prefix ("ext4:", "f2fs:").  It would be nice to use the common key prefix, but
+# for now use the filesystem- specific prefix for these 2 filesystems to make it
+# possible to test older kernels, and the "fscrypt" prefix for anything else.
+_get_fs_keyprefix()
+{
+	case $FSTYP in
+	ext4|f2fs)
+		echo $FSTYP
+		;;
+	*)
+		echo fscrypt
+		;;
+	esac
+}
+
 # Add the specified raw encryption key to the session keyring, using the
 # specified key descriptor.
 _add_session_encryption_key()
@@ -272,18 +290,11 @@
 	#	};
 	#
 	# The kernel ignores 'mode' but requires that 'size' be 64.
-	#
-	# Keys are named $FSTYP:KEYDESC where KEYDESC is the 16-character key
-	# descriptor hex string.  Newer kernels (ext4 4.8 and later, f2fs 4.6
-	# and later) also allow the common key prefix "fscrypt:" in addition to
-	# their filesystem-specific key prefix ("ext4:", "f2fs:").  It would be
-	# nice to use the common key prefix, but for now use the filesystem-
-	# specific prefix to make it possible to test older kernels...
-	#
 	local mode=$(_num_to_hex 0 4)
 	local size=$(_num_to_hex 64 4)
+	local prefix=$(_get_fs_keyprefix)
 	echo -n -e "${mode}${raw}${size}" |
-		$KEYCTL_PROG padd logon $FSTYP:$keydesc @s >>$seqres.full
+		$KEYCTL_PROG padd logon $prefix:$keydesc @s >>$seqres.full
 }
 
 #
@@ -306,7 +317,8 @@
 _unlink_session_encryption_key()
 {
 	local keydesc=$1
-	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
+	local prefix=$(_get_fs_keyprefix)
+	local keyid=$($KEYCTL_PROG search @s logon $prefix:$keydesc)
 	$KEYCTL_PROG unlink $keyid >>$seqres.full
 }
 
@@ -314,7 +326,8 @@
 _revoke_session_encryption_key()
 {
 	local keydesc=$1
-	local keyid=$($KEYCTL_PROG search @s logon $FSTYP:$keydesc)
+	local prefix=$(_get_fs_keyprefix)
+	local keyid=$($KEYCTL_PROG search @s logon $prefix:$keydesc)
 	$KEYCTL_PROG revoke $keyid >>$seqres.full
 }