Add a test which verifies that encryption is done correctly when a file on f2fs uses both compression and encryption at the same time. Patches 1-4 add prerequisites for the test, while patch 5 adds the actual test. Patch 2 also fixes a bug which could cause the existing test generic/602 to fail in extremely rare cases. See the commit messages for details. The new test passes both with and without the inlinecrypt mount option. It requires CONFIG_F2FS_FS_COMPRESSION=y. I'd appreciate the f2fs developers taking a look. Note, there is a quirk where the IVs in compressed files are off by one from the "natural" values. It's still secure, though it made the test slightly harder to write. I'm not sure how intentional this quirk was. Eric Biggers (5): fscrypt-crypt-util: clean up parsing --block-size and --inode-number fscrypt-crypt-util: fix IV incrementing for --iv-ino-lblk-32 fscrypt-crypt-util: add --block-number option common/f2fs: add _require_scratch_f2fs_compression() f2fs: verify ciphertext of compressed+encrypted file common/config | 1 + common/f2fs | 27 +++++ src/fscrypt-crypt-util.c | 98 ++++++++++++------ tests/f2fs/002 | 217 +++++++++++++++++++++++++++++++++++++++ tests/f2fs/002.out | 21 ++++ tests/f2fs/group | 1 + 6 files changed, 334 insertions(+), 31 deletions(-) create mode 100644 common/f2fs create mode 100755 tests/f2fs/002 create mode 100644 tests/f2fs/002.out -- 2.28.0
|