[LTP] [PATCH v2] syscalls/keyctl09: test encrypted keys.

Eric Biggers ebiggers@kernel.org
Wed Dec 22 16:33:53 CET 2021


On Wed, Dec 22, 2021 at 09:14:43AM -0600, Eric Biggers wrote:
> On Mon, Dec 20, 2021 at 09:37:21PM -0500, Yael Tiomkin wrote:
> > diff --git a/testcases/kernel/syscalls/keyctl/keyctl09.c b/testcases/kernel/syscalls/keyctl/keyctl09.c
> > new file mode 100644
> > index 000000000..507cd5628
> > --- /dev/null
> > +++ b/testcases/kernel/syscalls/keyctl/keyctl09.c
> > @@ -0,0 +1,58 @@
> > +// SPDX-License-Identifier: GPL-2.0-or-later
> > +/*
> > + * Copyright (c) 2021 Google, Inc.
> > + */
> > +
> > +/*\
> > + * [Description]
> > + * Test that encrypted keys can be instantiated using user-provided decrypted
> > + * data (plaintext), and separately, using kernel-generated key material.
> > + */
> > +
> 
> This test doesn't seem to work as intended.
> 
> First, it fails if CONFIG_ENCRYPTED_KEYS is unset (it should be skipped):
> 
> 	keyctl09.c:33: TFAIL: Failed to instantiate encrypted key using payload decrypted data
> 
> Second, I don't have your patch "Instantiate key with user-provided decrypted
> data" (https://lore.kernel.org/r/20211213192030.125091-1-yaelt@google.com) in my
> kernel, so instantiating a key using "user-provided decrypted data" is not
> implemented by the kernel.  However, the test still passes regardless:
> 
> 	keyctl09.c:49: TPASS: Encrypted keys were successfully instantiated and read    
> 
> The test should detect when "user-provided decrypted data" is not supported by
> the kernel, and report that the test of that is being skipped in that case.
> 

And of course, if "user-provided decrypted data" *is* supported by the kernel,
the test should actually test it.

- Eric


More information about the ltp mailing list