Hello,
Needed some help on "encrypt" group tests in fstests.
so when I run "./check -g encrypt". All my tests (ext4) fails with
"keyctl_session_to_parent: Operation not permitted" print.
for e.g.
qemu-> sudo ./check -s ext4_4k tests/ext4/024
SECTION -- ext4_4k
FSTYP -- ext4
PLATFORM -- Linux/x86_64 qemu 5.17.0-rc5+ #25 SMP PREEMPT Tue Apr 5 14:10:07 CDT 2022
MKFS_OPTIONS -- -I 256 -O 64bit -F -b 4096 /dev/loop3
MOUNT_OPTIONS -- -o data=ordered /dev/loop3 /mnt1/scratch
ext4/024 1s ... - output mismatch (see /home/qemu/src/tools/xfstests-dev/results//ext4_4k/ext4/024.out.bad)
--- tests/ext4/024.out 2022-03-30 21:07:38.117980201 +0000
+++ /home/qemu/src/tools/xfstests-dev/results//ext4_4k/ext4/024.out.bad 2022-04-06 17:49:25.653513710 +0000
@@ -1,2 +1,3 @@
QA output created by 024
+keyctl_session_to_parent: Operation not permitted
Didn't crash!
...
(Run 'diff -u /home/qemu/src/tools/xfstests-dev/tests/ext4/024.out /home/qemu/src/tools/xfstests-dev/results//ext4_4k/ext4/024.out.bad' to see the entire diff)
Ran: ext4/024
Failures: ext4/024
Failed 1 of 1 tests
SECTION -- ext4_4k
=========================
Ran: ext4/024
Failures: ext4/024
Failed 1 of 1 tests
On further investigation what I notice is -
When I run below command in qemu "sudo keyctl new_session" (which I think is
also done by _new_session_keyring()), it returns "Operation not permitted"
i.e.
qemu-> sudo keyctl new_session
keyctl_session_to_parent: Operation not permitted
Is this because there is already some existing session or something?
So when I do "sudo keyctl show", I see below.
qemu-> sudo keyctl show
Session Keyring
699777301 --alswrv 1000 1000 keyring: _ses
63328941 ---lswrv 1000 65534 \_ keyring: _uid.1000
Could you please help with what am I missing here?
So for now I ran with the tests with below diff, which ignores this operation
not permitted print message. With this all the tests passes.
diff --git a/common/encrypt b/common/encrypt
index f90c4ef0..a0920664 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -203,7 +203,7 @@ TEST_KEY_IDENTIFIER="69b2f6edeee720cce0577937eb8a6751"
# the session keyring scoped to the lifetime of the test script.
_new_session_keyring()
{
- $KEYCTL_PROG new_session >>$seqres.full
+ $KEYCTL_PROG new_session >>$seqres.full 2>&1
}
# Generate a key descriptor (16 character hex string)
But is there anything else which I should check to confirm "-g encrypt" tests
actually gets excercised?
Also, do you know why this "operation not permitted" error while running with sudo?
Do I need to change anything at my end? Or does this needs fixing at fstests level?
I agree by spending more time in understanding the encryption stack and how it
is interacting with different kernel subsystems, I should be able to figure this
out. But I assumed, that this test should ideally run out of box, if not then there
is something very basic I am missing. I needed this for testing some basic cleanup
work which I am doing in ext4 related to CONFIG_FS_ENCRYPTION.
And wanted to make sure I test those changes against "-g encrypt" in fstests.
Please feel free to point me to the doc which I can refer for more information
about this.
Thanks for your help!
-ritesh
