And here are some test programs / scripts that I've been using to test
these patches. They also demonstrate how to use the ioctl's.
- Ted
/*
* Test program to trigger the precache ioctl
*/
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <sys/ioctl.h>
typedef unsigned long u32;
struct ext4_encrypted_metadata {
u32 len;
char metadata[288];
};
#ifndef EXT4_IOC_GET_ENCRYPTION_METADATA
#define EXT4_IOC_GET_ENCRYPTION_METADATA _IOWR('f', 22, struct ext4_encrypted_metadata)
#endif
#ifndef EXT4_IOC_SET_ENCRYPTION_METADATA
#define EXT4_IOC_SET_ENCRYPTION_METADATA _IOR('f', 23, struct ext4_encrypted_metadata)
#endif
#ifndef EXT4_IOC_GET_ENCRYPTED_FILENAME
#define EXT4_IOC_GET_ENCRYPTED_FILENAME _IOWR('f', 24, struct ext4_encrypted_metadata)
#endif
void print_mdata(const char *s, struct ext4_encrypted_metadata *mdata)
{
int i;
printf("%s len %d: \n", s, mdata->len);
for (i = 0; i < mdata->len; i++)
printf("%02x ", mdata->metadata[i] & 0xFF);
printf("\n");
}
int main(int argc, char **argv)
{
int s_fd, d_fd = -1;
int oflags = O_RDONLY;
struct ext4_encrypted_metadata f_mdata, fn_mdata;
if (argc < 2 || argc > 3) {
fprintf(stderr, "Usage: %s source [destination]\n",
argv[0]);
exit(1);
}
s_fd = open(argv[1], O_RDONLY);
if (s_fd < 0) {
perror(argv[1]);
exit(1);
}
if (argc > 2) {
d_fd = open(argv[2], O_RDONLY);
if (d_fd < 0) {
perror(argv[2]);
exit(1);
}
}
f_mdata.len = sizeof(f_mdata.metadata);
if (ioctl(s_fd, EXT4_IOC_GET_ENCRYPTION_METADATA, &f_mdata)) {
perror("EXT4_IOC_GET_ENCRYPTION_METADATA");
f_mdata.len = 0;
} else {
print_mdata("file", &f_mdata);
}
fn_mdata.len = sizeof(fn_mdata.metadata);
if (ioctl(s_fd, EXT4_IOC_GET_ENCRYPTED_FILENAME, &fn_mdata)) {
perror("EXT4_IOC_GET_ENCRYPTED_FILENAME");
} else {
print_mdata("filename", &fn_mdata);
}
if (d_fd >= 0 && f_mdata.len > 0) {
if (ioctl(d_fd, EXT4_IOC_SET_ENCRYPTION_METADATA, &f_mdata)) {
perror("EXT4_IOC_SET_ENCRYPTION_METADATA");
}
}
return 0;
}
#!/bin/bash -vx
umount /vdc
dmesg -n 7
mke2fs -Fq -t ext4 -O encrypt /dev/vdc
debugfs -w -R "ssv encrypt_pw_salt deadbeef-dead-beef-1234-5678deadbeef" /dev/vdc
mount -t ext4 /dev/vdc /vdc
mkdir /vdc/a
echo foobar | e4crypt add_key /vdc/a
cat << EOF > /vdc/a/test_file
Lorem ipsum dolor sit amet, consectetur adipiscing elit. In accumsan
mi ac magna vestibulum commodo. Cras facilisis posuere tellus in
efficitur. Sed mollis mi eget elit vulputate pellentesque. Ut vitae
laoreet diam. Aliquam sem leo, luctus eget leo eu, hendrerit egestas
risus. Nulla non nisi ut nisl suscipit dictum. Donec eleifend dapibus
mi eu porttitor. Nulla lacinia tellus nec porttitor tincidunt. Nam
lectus nibh, fringilla sit amet enim id, consequat tincidunt
mauris. Ut blandit orci vitae elit suscipit varius. Donec vel sem
tristique, efficitur felis sit amet, sagittis metus. In laoreet
ultricies interdum. Aliquam felis est, pharetra eget nisl vel,
fringilla aliquet velit. Etiam ut augue ut ante fringilla gravida quis
a arcu.
EOF
umount /vdc
keyctl purge logon
mount -t ext4 -o ciphertext_access /dev/vdc /vdc
F=/vdc/a/$(ls /vdc/a)
dd if=$F of=/vdc/out iflag=direct oflag=direct bs=4k
/vdb/ext4-crypto-cp-md $F /vdc/out
umount /vdc
mount -t ext4 /dev/vdc /vdc
echo foobar | e4crypt add_key
truncate --reference /vdc/a/test_file /vdc/out
diff /vdc/out /vdc/a/test_file
